I am angry at the bait-and-switch Bambu is pulling. I bought one of their printers in the Black Friday sale on the understanding it was reasonably hackable and open. Now they're trying to lock it down so I can't print on my own printer without using their approved software and DRM chain. It's outrageous.
More info on the hacking (the first in what may be a long stupid fight): https://hackaday.com/2025/01/19/bambu-connects-authenticatio...
bait-and-switch? We, those who advocate for open source 3D printers, saw it coming from miles away. This has very very clearly been their plan all along, they themselves said as much (e.g. they are doing the "apple model"). They have been very transparent about this, yet people still fell for it.
I bought a printer. It had some stuff. I didn't want that stuff to be gone after I bought it. That's a bait-and-switch, because they didn't explicitly say "be aware, that stuff is going away on Jan 2025".
They never officially supported compatibility with Orca, or Home Assistant. Vendors break compatibility with unsupported stuff all the time. Don’t make purchase decisions on unsupported features if you’re gonna get all bent out of shape about it.
AFAIK, Apple has never retroactively removed functionality from devices people already purchased
Selling a walled garden is one thing, building walls around a garden you already bought is another thing entirely
This is the Google model then. Base everything on open source, even allow unofficial builds of your operating system (LineageOS, Graphene), but slowly introduce more and more device attestation and DRM so it becomes de facto impossible to actually use anything but the closed builds because everything from banking apps and electronic identification apps to streaming apps will refuse to run on your "unsafe" operating system.
Currently the only thing which won't run on a non-google blessed android build is google wallet, although a lot of applications rely on google's proprietary services exposed through google play.
I've not ran into any banking applications which won't run on a non-google build of android (as then they would only run on a pixel). That being said, I refuse to seriously bank with any bank which doesn't offer a functioning website. My main bank offers an app but you have to wholesale switch to it.
This is false. List of apps which refuse to run on my old OnePlus 6 which I revived with LineageOS:
- Danish national identity app (MitID). I had to get a hardware token that generates one-time passwords.
- My banking app (still works in the browser though).
- The de facto payment app used for peer-to-peer payments and as a credit card alternative all over Denmark (MobilePay).
- The app for controlling the heating system in my car.
- Revolut.
- The app for showing a digital version of my government issued health insurance card. It's literally just a barcode and a number, so I can get by using a photo of the card instead. This underlines the ridiculousness of requiring Play Integrity attestion.
- The app for showing a digital version of my driver's license. As a bonus this app also doesn't work if you have set your default browser to Firefox instead of Chrome, even on a non-rooted phone.
On top of this, one app for scanning goods in the supermarket stopped working, but without explicitly saying why. I suppose it just silently depends on some Google service, but I have not way of knowing that.
I also cannot get Chromecast to work, but that is perhaps to be expected when replacing the Google services with microg, and not strictly a result of DRM. It is a major inconvenience though.
Denmark is one of the most digitized countries, and in many ways that is good. However, it also means that you are increasingly coerced into the whole Google/Apple ecosystem and that it is very hard to get out. Luckily there are alternatives to all of the above apps, but it is a major inconvenience to have to use them.
Revolut stopped working for me on GrapheneOS with an official message "Sorry, Revolut is not supported on devices with custom firmware".
Do you have the sandboxed Play Services installed? It works fine for me on Graphene (just checked).
That said, the recommendation I always give, and personally follow: keep a spare phone in a drawer somewhere, with official Android installed, a Google account, and use it exclusively for business purposes - banking, government services, and the email account you use for those (separate from the one you use for everything else). Nothing else, no messaging, socials, browsing, or games.
Then you're free to keep your personal phone FOSS and as private as you like, without fear of getting locked out of important stuff due to a crappy Google® SafetyNet® upgrade.
None of the unofficial Android builds allows me to access to the secure element in my SIM card to use my e-signature, which works with SIM menu prompts triggered OTA by the application I'm currently using, mostly governmental services.
If I'm on a custom ROM, the notification never pops up.
Anything that depends on the SafetyNet API will not run if your android build does not pass the checks, the list is much much bigger than "just google wallet". Whether a rom passes safetynet or not very much depends on what google considers blessed today, and what they will consider blessed in the future.
Did Google ever introduce more device attestation and DRM into an already released device though?
They did even worse.
New firmware upgrades made older devices slower and painfully unusable: https://www.techradar.com/news/apple-might-be-slowing-down-y...
And they have plenty of experience building walls around a garden. Ask anyone using OSX for the past 15 years and you will see how difficult it has become to write or publish software for Apple.
And main difference with Apple is that you don't have to log in to their services on iPhone yet still have full _phone_ functionality.
the keyword being _phone_, not smartphone. Bambulab too will let you print from SD card without logging in their infra, they are just locking the rest of the ecosystem. 1 to 1 analogy.
It's still a smartphone - with web browsing, mail and everything else what's available out-of-the-box. And Bambu will cut out even local network access and, as they stated in "Terms of Use", can lock print jobs until you update firmware. Far from 1:1 analogy...
Just some of them:
- Battery Management (iPhone 6, 6s, and SE): In 2017, Apple introduced a battery management feature in iOS 10.2.1 to prevent unexpected shutdowns by throttling the performance of iPhones with degraded batteries. This led to slower device performance without informing users, which is a removal of expected performance functionality.
- 32-bit App Support: With the release of iOS 11 in 2017, Apple dropped support for 32-bit apps. This meant users could no longer use older apps that had not been updated to 64-bit, effectively removing access to those apps on updated devices = You want the new OS? -> you have less functionality.
- Pulse oximetry features were recently removed from new Apple Watches due to Masimo's patent infringement claim.
> This led to slower device performance without informing users, which is a removal of expected performance functionality.
As opposed to the device unexpectedly shutting down due to a degraded battery not being able to push enough energy to support the CPU? They didn't remove expected performance, they prevented crashes which are by definition 0 performance. All Li-ion batteries degrade over time. That's not removing a feature...
This whole thing was totally overblown.
Well, they DID remove expected performance by slowing CPU performance, disn't they? People who had bought these iPhones (and not the previous ones) did so also because of the promise of a more powerful CPU, a promise broken by Apple. It is removing a feature (a better CPU) and Apple knew it that's why they did it without informing users.
Just to add, they also got fined by the EU for doing so, so it was ruled to be illegal. Bambu's changes would fall into the same category of altering the product and degrading the experience after its been sold.
Just to let you know that InstaCam360 did the same on their cameras with the smartphone app.
Previously you could directly upload the 360 videos do youtube, now you need to download the film locally on the phone, then host a converted version and only after those loops you are permitted to upload.
Or you can now buy a monthly subscription and get back the feature that was already there before. Quite disappointed with this kind of behavior.
the problem isn't that they've done it.
the problem is that user got no choice. Some might prefer degraded performance, others might prefer to charge their devices more often.
Also seller should have no business touching anything that they've already sold - they do might offer support, but it should be up to user to accept it or not.
It's not a matter of "charging more often". The phone just shut down when the battery was somewhere between 0-40%
Source: had two 6S's in the family. In the cold it could just suddenly shut down mid-call from 60% battery.
Indeed; while I've not had this specific issue with the phones, I do still have a mid-2013 MacBook Air lying around (it's now too old to realistically sell), and the battery on that was so worn by the time I got an M-something to replace it that would go from "fine" to "emergency shutdown" during boot if I forgot to plug it in. And then report something like 20% if I plugged it in and immediately booted it again.
However they applied it to all phones of that model, not just ones with degraded batteries
No, it was dynamic based on voltage. iPhones with worn batteries had higher performance at full battery and swapping the battery with a fresh replacement restored full performance even at low battery percentage. In fact this is how the slowdown was discovered: someone replaced their iPhone battery with a non-genuine replacement and it got noticeably faster.
you are still missing the point.
USER should chose that. not apple.
not all of them shut down, someone might get a battery replacement.
What apple should've do is to introduce a toggle, give a warning in notification. and in case of crash, display it again.
Apple (IMO rationally) chose that people would prefer a working phone, one they can use to call emergecy services, for example, to a phone that just suddenly dies.
After the massive hissy fit the Internet threw (along with lawsuits), they added a switch. Now you can choose to have your phone suddenly die.
But the legend lives on that "Appple slowed down phones permanently!!" - even though the fix for that is a 40€ battery swap that takes 30 minutes in any mall phone repair shop.
Again, let user chose. apple sold a product, it's out of their hands to decide what users do with it.
Maybe i want to use the device in a way that's 100% connected to the charger and repurpose it.
It's not apple's business what I'm doing with it
> All Li-ion batteries degrade over time
So they know this yet they refuse to let users swap the battery?
Users can swap the battery?
1) open phone
2) remove battery
3) replace battery
4) close phone
Not sure what kind of users you're dealing with, but your typical iphone user can absolutely not do that
A typical car driver can't change the oil in their car, nor can they do a headgasket swap either.
People don't go telling that Ford "refuses users to let their change their oil".
It's all perfectly doable, but you do need the tools and an ability to follow a step by step guide with pictures.
Imagine Ford deciding their cars must drive at 50% their speed when the engine oil is older than 2 years and at the same time forbidding users from changing the oil.
Yet there are always people justifying these type of awful practices as better for users. These aren't, the measures are only good for business.
The last one doesn’t really hold up since the feature is still available on devices that they were delivered on. My watch has the feature still.
The big difference is that none of these changes were part of a defined strategy to lock the user in to their products and ultimately generate more profit, as with the Bambu example:
- Battery management was to handle an issue that was encountered as batteries aged
- 32 bit support: Apple is well known for being one of the more aggressive companies when it comes to forcing users (and especially people coding apps for their platforms) to adopt required tech changes. But again, not directly profit-driven.
- Pulse oximetry: probably the closest to a profit-driven-decision, as this was driven by a patent issue, and presumably they calculated less of a hit from removing the feature than paying feed to the patent owner? Not great, but still not directly part of a user-unfriendly Apple-derived strategy, as with Bambu.
I remember one guy ranting a lot about navigation with the apple pen
Open source didn't compete on quality for price. I could pay 2k plus 40 hours of my time for a Voron or buy something that just works. I think Prusa only put out their CoreXY offering after they realized Bambu was eating their lunch. The Apple model works because people want to print rather than tinker.
Well Prusa was open and did compete.
But for 3D printers that worked out of the box under $1000, Prusa had no real competition itself.
The Mk3 came out in 2017 and I swear Prusa just sat on their laurels. I was a Mk3s+ owner (well, still am) and was pretty disappointed how little improved with the Mk4.
Bambu’s competition was Prusa and they clearly strived to improve over what Prusa had accomplished.
I wasn’t really sold on the 4/4S, but I recently upgraded a 3S+ to a 4S and am amazed how much improved. The new touchscreen LCD is a huge improvement over the old two line monochrome LCD. Remote access and wife printing is a nice plus — I don’t even run OctoPi anymore. Automatic bed leveling and no more Live Z tweaking for each sheet has been a major quality of life upgrade and eliminates one of the major pain points in swapping out nozzles. The nozzle is much easier to swap out and is now high flow. Add in Input Shaping and it prints significantly faster.
I hadn’t had any experience with the new platform prior to this upgrade and I skipped over the MK4, but the 4S upgrade is a significant step up over the 3S/3S+. I wouldn’t necessarily recommend the upgrade kit — that took much longer than expected to complete (about two days) and I regret not buying a new printer instead. But, I have a 3S I plan to upgrade to 3.5 just to get the new electronics; that upgrade is far less intensive.
If you haven’t tried out a 4S you might be pleasantly surprised by how much nicer it is than the 3S+.
wife printing sounds nice!
the future is now
Are those still in PLA or you can print them organic now?
The problem is even with Prusas recent efforts to catch up with the Core One, it's expensive, and they still dont have a viable answer to the AMS. The MMU is still a hot mess, requires tinkering, isn't stable and overall just doesnt come close to an out of the box experience.
They still seem to be thinking the primary audience of 3d printers is people who tinker. It's not been that way for a long time. People just want to be able to unbox, plug it in and print. The second you add in the "oh just spend 5 hours tweaking this spaghetti mess of an MMU" you've lost them.
A Prusa MK4, completely factory built, is a reliable workhorse for me.
I didn't suggest otherwise, nor was that even part of my point.
I wondered if the bamboo was sold for a loss
Bambu Labs printers are not cheap. Even their entry level A1 printer is twice the price of an Ender3.
Sure, it is a better printer, but it is clear that they are going for scale, and most of what makes them better is in the software rather than in using premium hardware.
initially maybe but the way the printers are built makes for cheap mass production. Theres no special sauce in the hardware, it's all low cost off the shelf stuff, it's just optimised very well.
> Open source didn't compete on quality for price.
Well, Open Source did compete on one quality very well: being open, hackable and staying that way. With this being removed from Bambu lab printers it seems as if this is a very much valued aspect for many 3D printing enthusiasts, yet few people were willing to compromise for this aspect.
Apparently it is true, you don’t know how much you value something until you don’t have it anymore
I paid ~$750 for my 350mm Voron 2.4 kit (and, sure, 40 hours of my time. But look, you want to do 3D printing, 40 hours are just a small initial investment).
It really depends upon the target market. That's fine for hobbyists. But I use the Bambu X1 for small-scale prototyping in a company, and it has to be usable out of the box. We can't justify an entire week of labour for each printer we buy.
The Bambu has been ideal for that reason. Every material pretty much just works, and the quality is excellent. The cloud integration and janky LAN mode is the downside, and this current topic even moreso.
> But look, you want to do 3D printing, 40 hours are just a small initial investment
No. None of this crap. I want to 3D print. I don't want to service industrial machinery in my spare time. Why should 3D printing require spending weekends troubleshooting machines just to keep the thing working? I want to print models not play repair technician.
Vorons are fantastic printers and a fantastic kit if 3D printing itself is your hobby. 3D printing is a fantastic hobby. There's tons of fun to be had building up and dialing in a printer kit. A well tuned voron can be up with the best of the best 3D printers. If that's what you want to do go for it!
But for heaven's sake I want to print models, parts and other practical things. I have other things to do and problems to solve. My 3D printer is a tool. If I have to spend just as much time working on the machine as I do using to actually print things then I'm not interested.
Bambu is still the best game in town for a turn-key, just works printer. Prusa can deliver the same experience at double to triple the ticket price. A voron is not a replacement for a Bambu printer no matter how good the printers actually are.
>Why should 3D printing require spending weekends troubleshooting machines just to keep the thing working? I want to print models not play repair technician.
I’m sympathetic to your POV but the reason you should is that’s the price to keep things open.
Obviously many people don’t care about that. Fair enough. But then you should be prepared to deal with their shenanigans.
Prusa also does things like maintain and develop printables.com and PrusaSlicer (itself forked) which many of these closed printers fork with minimal changes.
People don’t care about this either. So again, get ready to deal with garbage when Prusa goes under.
I think it’s sad since the whole domestic 3D printer thing started as open source.
> I’m sympathetic to your POV but the reason you should is that’s the price to keep things open.
No, it's not, and the perception that it is hurts the cause of openness.
Open Source has every ability to be better, to Just Work, to not require constant debugging. Good Open Source systems manage this. The fact that 3D printers apparently have not is the fault of those printers, not any inherent quality of openness.
QIDIs might need a slight bit more tinkering with settings for new filaments but they’re pretty solid and offer more than Bambu does for the money
Comparing Bambu to Voron is an absurd comparison
> Comparing Bambu to Voron is an absurd comparison
I politely disagree. I was in the market for a more modern printer, and it boiled down to either a BL or a Voron - in the end I decided against ease of use and in favor of an open ecosystem. I agree in that they are not universally interchangeable, but for some people either can be an option, each with distinctive advantages and disadvantages.
What do they offer more in your experience?
because 3d printing is not there yet.
the whole process is basically cnc but with z hops and extruding instead of removing material.
we do not even have conical slicing yet.
> because 3d printing is not there yet
Ya, it is, and it’s been there for quite a while now thanks to Bambu.
The X1 just works. Coming up on a year of frequent use, I can count the number of failed prints on one hand. It’s incredible.
i do not believe you. it is mostly a material issue not a printer issue
Both modern (pre assembled) Prusa and Bambu are very good at this. They guide you through the full setup process, automate first layer reliable, have decent stock profiles.
It's all just much less tinkering then 5 years ago.
> it is mostly a material issue not a printer issue
Tell me you don’t anything about 3d printing without telling me you don’t know anything about 3d printing.
if you think that there are not limitations with current fdm thermoplastics and software, i do not know what to tell you.
It is. I have no interest in messing around with 3D printers and was annoyed by the fact that Bambu lab lied about the 15 minute setup time. It was more like 45 minutes, but after that I never touched the printer again and started printing instead.
Also, subtractive manufacturing is much harder than additive manufacturing, because you need to position the machine around an existing piece of stock and sequence your operations manually, instead of letting a generic slicing algorithm slice from bottom to top with an offset vs the intended printing location only being a problem if you accidentally print over the edge of the build plate, which is usually not possible mechanically.
it is not that. i mostly mean that for anything functional that needs to take a load you need at least petg or asa (abs is a bit old now), which require proper storage.
also there are so much stuff that are in open prs and issues for years that are not implemented for slicers.
I think the AMS unit for the Bambu is somewhat sealed and has desiccant in it.
"take a load" - I don't know what kind of load, do you mean the fact that PLA is creeping under sustained load?
If that is YOUR usecase that is fine, but that does not mean that set and forget works just fine for others. Btw gun people use PLA plus just fine.
"Take a load" = perform mechanically and or structurally at levels of force, temperatures, etc. at levels higher than the properties of PLA allow for.
Don't get me wrong here. PLA is a great polymer, However you can't really expect parts made with it to hold up when compared to other "engineering grade" polymers.
I don't think anyone expects PLA to be used for anything that requires structural stability. There's far better filaments for that application. Some of the carbon fiber infused PETG filaments for example are incredibly strong.
Not many people use 3d printing for applications that require extreme strength though, that's really not the goal many people are aiming for.
Well for example layer bonding is better compared to some other materials. It's just that load over time it will creep. And of course shite under temperature.
It can be a fantastic material for some functional parts.
But even if not, I don't see how it's invalidates that there are printers out there that are more or less set and forget.
that is just one example of issues with thermoplastics. the AMS is great though.
You're saying this yet anyone can buy a random Bambu and just print.
I've owned or used probably every major (and some minor) printer released in the last 8 years and for most people Bambu really will just be "plug and play" (and even if something goes wrong they'll hold hands as much as needed)
as i said to another reply, it is a material issue.
That does not match my experience. The printer I have has had parts break with light use, and a really poorly engineered z-axis homing which results in wildly inconsistent zero heights and a very high print failure rate.
Damn that's cheap! What vendor did you use?
Curious if anyone has tried the Core XY printers from Creality? I think they use open source software and are generally in the same ballpark as the Bambu printers price-wise. Also saw they have a similar AMS style system as well.
There's a middle ground between the Apple model and assembling everything yourself.
> The Apple model works because people want to print rather than tinker.
Entirely this. I bought my A1 mini over the Christmas holidays and couldn't be happier with it, it's my first 3D printer. Searching for models on Makerworld, adjusting tiny bits here and there if needed and print. It just works and I don't really care about anything else, much like my Brother printer.
it just works until it doesn't
"Fell for it" implies that everyone buying a Bambu printer expected some degree of openness. Maybe some customers actually want an "Apple model", where the device mostly looks after itself and "just works" as much as possible.
Good for you. Kind of a non sequitur, though, and gaslight-ey at that.
As someone who recently bought a bambu printer, I have to agree: I am not surprised. Still disappointed, but in no way surprised. The "apple experience" is why I went for a bambu device (along with the price, and some excellent recommendations from friends). I was even surpised that the "LAN Mode" actually works somewhat good. Should have got a prusa...
Come on even makerbot wasn’t that blatant. I believe a lot of us haven’t seen it coming.
“Hackable” and “open” were never advertised or officially supported by Bambu. It is foolish to make a purchase decision based on an unsupported and unadvertised feature, and while you can be angry that seems silly.
You can print of an SD card without any special software or online services, the same as you can on Prusa printers. It's just the server/internet stuff that's locked down. Which I wish was open too, but it's still has fully unrestricted local printing functionality.
https://www.reddit.com/r/BambuLab/comments/1i548m9/this_is_p...
Looks like it's not true?
I _think_ that's browsing the SD card from Bambu Studio when the printer's set to LAN Mode, not printing from SD on the printer itself.
Yeah this looks to be the case. All of this change was prompted by the fact that malicious software was triggering prints over the network. So now they have locked it down so the printer can verify prints came from the actual account owner.
Printing directly from SD cards via the little touch screen is unchanged since networked computers can’t do that.
> So now they have locked it down so the printer can verify prints came from the actual account owner.
This is inaccurate, the printer already required authentication using an 8 digit code. What they're trying to do now is verify that the print has been started using official Bambu software, i.e. software-only DRM.
> All of this change was prompted by the fact that malicious software was triggering prints over the network.
Was it actually? Is there a source for this?
I'm not so upset about this change (it doesn't affect me, so far), but I'm skeptical this was a widespread problem.
I really really hope people saying this is a nothingburger is actually right, because I do have a P1S, use orcaslicer, and would like it to continue to work. Hoping this is just a miscommunication.
Bambu Connect is explicitly about allowing you to continue to use your favorite slicer. They make it less convenient (instead of pressing print you now have to save, load the file in Bambu Connect and then press print), but they don't prevent you from doing it.
Once the update actually rolls out to the P1S obviously. Which may not even happen with the current backlash
> Bambu Connect is explicitly about allowing you to continue to use your favorite slicer.
For now. They're putting themselves in the middleman position where they get the final say over what we can print on the printers that we supposedly "own".
It's naive to think that they won't try to extract revenue from that privileged position, they wouldn't have spent R&D resources on it otherwise.
I think this is pretty shitty. Not being able to print directly from the slicer is a big pain.
Imagine if this limitation existed with Bambu's first-party slicer. It would obviously be considered a pretty big downside.
From that link if you continue reading, commenters in the thread point out that LAN mode didn't even exist when the printer came out, and that it's more flexible now than when they first came out on the market.
My other comment on this thread contains the rest of my thoughts. Overall, I think this outrage is overblown.
If you are looking for alternatives, I highly recommend the Qidi q1 pro
Despite an initial issue with the hot end (which was easy and fast enough to fix with help from support). I’ve been really happy with it
It prints pretty much anything. Fast, reliable and very cheap compared to equivalent printers in the market
> on the understanding it was reasonably hackable and open
Where did this understanding come from? I'm pretty happy with my Bambu printer, but I was never under any understanding that it was hackable, let alone open. Since the beginning I was slightly frustrated at the RFID fillament spools not being open-enough for others.
Is this a defect under the EU law?
If so one could get a refund :)
> on the understanding it was reasonably hackable and open
I, honestly, have no idea why you thought that. Bambulab has been under fire from the very beginning about not being open at all and not contributing back to the open source community they're build on.
I bought one of their printers during black friday too, it took me a long time to get over the fact that it isn't an open printer, and I never want to go back to tinkering for hours to get meh quality prints.
And let them be closed-source as long as they give you ability to print without calling home or even without internet connection.
I didn't realize that closed source means you the end user get to dictate how the manufacturer implements features.
> on the understanding it was reasonably hackable and open
While this lock down doesn't seem right it is far from unexpected, I question the amount of research done prior to your Black Friday purchase (BF and well-thought-out-decisions often do not go hang-in-hand!)…
I bought one (an A1 with the multi-material add-on) some months before that in full knowledge that the company would prefer to funnel people into a walled garden because if you look anywhere you'll find proponents of other makes warning that exactly this is possible & likely, with the "must take many steps to print without talking to their servers" being the key evidence in those warnings.
Good reasons to buy a BBL machine (at least my reasoning when I did):
* They work out of the box more so than many of the competition (many will say "X is better or better value, if you spend Y amount of time tuning" which while often correct, I wasn't looking to spend that time tuning), certainly more so than others at similar prices.
* QoL features (good auto leveling, dynamic flow control) that weren't exactly ubiquitous on similarly priced or cheaper machines.
* Certainly in the case of the newest A1/A1-Mini line: a working MMU option cheaper than you find in other ranges (some manufacturers have started addressing this and the out-of-box experience, in their product lines, 2025 could be an interesting year), and very easy nozzle changes (useful if you want to both do detailed minis (without going resin) and mostly larger items).
* For me, the handling of the A1 issues early last year (quickly acknowledging a potential safety issue and publishing mitigation guidelines, full recall or fix-at-home options when it became clear the issue was more significant) was a point in their favour wrt after-sales giving-a-shit. Obviously not a point against others as we don't know how they'd react until it happens, of course. There are regular complaints of slow support response more generally, but there are for other printer manufacturers too and, well, pretty much all consumer facing industry these days.
* The official documentation & videos, maintenance & troubleshooting guides etc, seemed to me to be more coherent than some other offerings (though searching for "<my problem> reddit" is still a thing!).
Absolutely terrible reasons to buy into BBL, long before this storm:
* Openness (software). From the get go their offering has the trappings of a more controlled garden than the 3D printing community were used to.
* Openness (hardware). While there are some compatible 3rd party after-market parts, there isn't the able-to-build-your-own feel you see elsewhere with people using different extruder nozzles, cooling options, and so on.
--------
This isn't a great analogy, but: BBL is an Apple (though not quite on price) to the rest of the 3D printing industry's Linux and it only takes a small amount of information to see that before buying.
If I upgrade (or have to replace, or just decide to get a second) then maybe I'll go elsewhere. I'm more confident I could get other others working well, manufacturers are addressing the points that have allowed BBL to take so much of the market & mindshare in a short time, but the key thing against BBL (not being open like much of the rest of 3D printing) is something I was well aware of when buying (it did make me think twice) so I can't be too mad about it.
Now if they try stop people using 3rd party filament, like the traditional printing industry with ink & toner, which is far from impossible, then I'll feel they've conned me.
> standing it was reasonably hackable and open
Not sure where you got this idea from. Despite the hacking, print from SD Card remains an option, and the device does not need an internet connection for initial setup. Version 01.08.02.00 is the first firmware version that supports offline updating, even if it is also the latest version.
That makes as much sense as saying you bought an Apple laptop expecting it to be hackable
I was very against Bambu in the beginning for their lack of proper network (not cloud!) support. Then they added LAN mode and I actually considered getting one. Luckily I was lazy and never got around to it. What the fuck Bambu?? Security, really? Not even HP dares to make that excuse...
HP just straight locks you out of your printer unless you pay ransom every month..
All HP printers still give you the option of paying full price for ink cartridges and owning the printer. The rental model is one they try very hard to steer you into, with lots of dark patterns, but you can still use HP printers with no account and no subscription ink model.
Bambu Lab have been quite explicit about this. Their consumer-grade printers rely on a cloud service; for people who want or need printing over a private LAN, they offer the X1E.
I mean, I technically see why authentication may be something they want to consider, especially for the less technically inclined users that Bambu is very obviously targeting.
However, this can be easily achieved without bricking every single third party integration. That should simple be a toggle in the settings that works entirely local
I'm kinda curious what will this lockdown do to the efforts to replace their controller and/or firmware with something more open. Something like [1]
It's nice to have a private key to their cloud authentication, but ultimately it's the printers firmware that's the issue. While Bambu owns and updates that, they can change the keys basically anytime they decide that they had enough of the alternative Bambu Connect servers that people will inevitably create with the current keys.
[1] https://github.com/ChazLayyd/Bambu-Lab-Klipper-Conversion
Commentary on the situation from Louis Rossmann https://www.youtube.com/watch?v=aIyaDD8onIE
I wish Prusa weren't asleep at the wheel, then we would have bought a core one (that is, the hypothetical variant with large build volume and same quality as bambulab).
Instead, we bought a P1S, which is, technically speaking, a fantastic machine.
Not really asleep at the wheel. More like they invented the wheel, produced the open source slicer (a fork of the original slicer but vastly improved), which was then used by Bambu who could manufacture a printer for less in China rather than in the EU.
Prusa themselves run 600 printers. They are commercial grade. If I was using a printer for commercial design or prototyping I would go with Prusa. Not only because I would prefer my designs were not sent overseas by an always cloud connected printer.
I ThouYS may have a point. It seems to me that Prusa were tempted to go after the prosumer/pro market and invested a lot of time and engineering horsepower into higher spec machines (Prusa XL, HT90) and resin printers (SL1S).
A lot of 3D printer companies have tried to go this route. It is not a strategy that tends to succeed.
I don't know their sales numbers, but I would be willing to bet that the ROI on those printers is nowhere near their bread-and-butter, high volume, mass market models.
I think their priority should have been to build something like the Core One (a P1S killer) rather than these expensive and risky forays into pro/prosumer land. The Core one is, realistically speaking, at least 24 months late to market. This was avoidable.
Everyone who operates a 3D printing farm, and who isn't a complete muppet, knows that closed down products like those of Bambu Labs are risky. Both because some 3D printer manufacturers kind of have a history of being dickish, and because the big boys are coming after Bambu labs with their patent lawsuits and whatnot. There are clear risks in dealing with companies like Bambu.
Dealing with Prusa involves significantly less risk. This reduced risk has value. You can charge a bit more for Prusa products due to the reputation of the company.
Most people I know who own 3D printers would rather have done business with Prusa. But Prusa only had the MK4 on offer and were burning cash on, let's be frank, irrelevant vanity projects.
Yes, Prusa were very much asleep at the wheel. Or at least, they had some strategic lapses in judgement. Let's hope they understand their customer base better now. I'd be happy to be a bit patient with them if it means we can get something that performs like Bambu printers, but from Prusa.
I'll even be willing to pay perhaps as much as 20% more just because I trust Prusa more than Bambu.
Thing is even with the core one finally releasing...its not a compelling product.
It costs more than the P1S - which lets fact it, thats what it should be compared to, not the X1C as the Core one doesn't have the stronger nozzle, nor any features that would make it a 'pro' level product.
They also still dont have an answer to the AMS, which is a big selling point for the Bambu's. The MMU3 may be better than the previous one but its just like putting lipstick on a pig - it's a mess, with tubes all over the place, spools dotted around, and then you've got to constantly babysit it and tune it.
Side by side the P1S with an AMS is still significantly cheaper and from a marketing perspective a much more visually pleasing offering.
Also worth mentioning that whilst the core one is about to come out, the MMU isnt actually even supported yet, and theres no timeline for when it will be.
Prusa are so far behind at this point and really shouldn't be. Chances are the core one is going to come out and just like the XL and MK4 will be extremely buggy for a good 6 months. How people still accept this is bonkers.
> not the X1C as the Core one doesn't have the stronger nozzle
Swapping nozzles makes the machine worth double?
> which was then used by Bambu who could manufacture a printer for less in China rather than in the EU.
I'm not at all convinced that Prusa's main issue is the cost. Yes, cost is a huge part of it, but the other one is also just usability. When the X1C launched and later the A1, there was a huge difference in usability between what Prusa and Bambu had. Prusa is catching up and that is good. But they will have to do more on that front still, and the higher cost is less of a concern. It becomes a problem when the more expensive printer is worse too.
I got my first 3d printer, an MK3S+ a year ago. Pretty late in its lifecycle, but I wanted to spend more time printing than fixing issues.
And it definitely worked! I got the kit and built it within 10h or so (very enjoyable time actually, like building LEGO as a kid) and have printed lots of stuff ever since. During that entire year I only had a clogged extruder one time and had to take that apart a bit. Any other issues I've had were either due to bad filaments or my own errors (not taking long overhangs or low adhesion seriously while slicing).
And all this time I have been using it completely offline with OctoPrint on an RPi.
I've been following along with a lot of this, because having picked up one of their printers about a month ago, I was immediately very nonplussed with the security. It took some work to get it running isolated on an IoT VLAN, yet still usable from my main machine.
Thus, on first blush, I welcome security improvements from them, but I'm also anxious to see what they hold.
I do wonder where this is going with the keys, because I've seen a lot of "OH LOOK WE HAVE THE KEYS" but nothing about what the keys are used for or how they are useful. Or if they are even useful.
Hopefully there'll be more interesting news about this soon and some solid, technical info.
My understanding is that if I want to print via LAN, I have to auth against Bambu's internet servers, which is most definitely something I don't want.
Actually for my use case this doesn't work at all -- my printers are region locked to China, but I'm not currently in China so I can't connect to those servers -- meaning (I think!) if I upgrade their firmware, I can't print via LAN on my own local network... which just leaves a bad taste in my mouth.
These are great printers, but there's no need for that.
Can you link to some specific detail on that, because I keep seeing that claim, but without any technical info.
I have a P1S which currently can print completely isolated from the internet. Unfortunately (or maybe not?) the new firmware isn't available for my printer, so I can't dig into it myself yet.
But I'd really like to see some sort of "when I try to do X it tries to connect to Y" or "I used to be able to do X, and now Y is required as demonstrated here".
Something more than the current hearsay and pitchforks echo chamber.
From their blog post: https://blog.bambulab.com/firmware-update-introducing-new-au...
"Critical Operations That Require Authorization
The following printer operations will require authorization controls:
Binding and unbinding the printer.
Initiating remote video access.
Performing firmware upgrades.
Initiating a print job (via LAN or cloud mode).
Controlling motion system, temperature, fans, AMS settings, calibrations, etc."
Yep -- I read that, but that doesn't spell out auth back to BBL's servers, just auth.
And keep in mind that OrcaSlicer already used Bambu Network Plugin to communicate with their printers. (It prompted you to download this on install of OrcaSlicer if you picked one of their printers.)
The move to Connect means that OrcaSlicer needs to send the print data to Connect via a protocol handler instead of to the plugin. Connect will then send it on to the printer itself, and from what I've seen it'll do that over LAN. (But I can't test because my printer doesn't support this yet.) I see this as akin to a print driver vs. printer-specific support built into an app. Not a bad thing at all, if done right.
The plugin already did (very minimal) auth via the Access Code and can do it with the printer and Bambu Network Plugin completely isolated from the internet. (I've done this.) So I'd like to know specifics of what's changing here.
"Operation Guide for Bambu Connect
Start by logging in to the Bambu Lab account or click Discover to find LAN mode printers."
https://wiki.bambulab.com/en/software/bambu-connect
At the very least - it looks like you'd need to log-in to the cloud account to print on the LAN, which really begs the question.... why?
> it looks like you'd need to log-in to the cloud account to print on the LAN
The text you quoted directly contradicts what you are saying. It says login OR discover to find LAN mode printers.
You’re right! Sorry obviously I was one coffee short of comprehension!
what else would it be auth'ing against if not Bambu servers?
Perhaps some... other or better way of authenticating to the printer? Previously there was just a single, essentially fixed, numeric string that gave complete access to the printer, and communication was via TLS with a self-signed cert.
I don't want to hypothesize about what it could be doing, I want to see what it's actually doing (or see some actual info from folks about what they've seen) so I can decide if I'm comfortable with that or not.
The bambu cloud service has a very low value-add and they are trying to make it mandatory. the speculation is that they are trying to add a subscription model for print farms, which 3rd party slicers enable.
the printer itself?
I don't have a definitive source readily available, but from talking to people who were investigating the technical aspects, connection between the printer and slicer software will be mutually authenticated using a certificate that will issued by Bambu Cloud, issued only to blessed 1st party software, and verified by the printer upon connection over the local network.
So your blessed Bambu Studio instance connects to Bambu Cloud and requests a certificate, the server issues the certificate to you (or not), and then Bambu Studio may use it to connect to the printer on your LAN.
The certificates have an expiration time of 1 year, meaning that the printer functionality would severely degraded (missing network connectivity), at most 1 year after they take the servers offline or stop issuing certificates for any reason.
Not a definitive source for what I said, but it contains some information: https://hackaday.com/2025/01/19/bambu-connects-authenticatio...
I sorta get what you're saying, and the flowchart here (https://blog.bambulab.com/updates-and-third-party-integratio...) somewhat agrees.
But where I disagree is with that cert stuff.
1) That cert is on the /client/ side, not in the printer. It has nothing to do with printer functionality, only with talking to the printer.
2) Expired certs do not mean things automatically get rejected. Using and allowing expired or self-signed certs is routine in the IoT world where certs on devices can't readily be updated. But again, that cert isn't from the printer.
3) Expired certs, just like the self-signed certs that are so commonly used, still result in things being encrypted on the wire. And often that's the point.
It seems to me that someone found/exported the cert, and is trying to make all sorts of WHAT-IF or THIS-COULD-MEAN-THE-WORST claims but are lacking some significant understanding. Without understanding the architecture and the rest of the code, and perhaps seeing that cert be used, this is just an artifact found in the distributed beta application.
It's vendor lock-in (or DRM), not security. Security would be a protocol based on a user specific secret that doesn't inherently require locking down anything to Bambu Lab only software (think username/password). Vendor lock-in is about locking the user into using Bambu Lab software, which is what we see here.
You would never allow your bank account to be secured with something akin to Bambu Lab's "security fix".
Bambu should be working on scaling their consumables and customer service, it takes weeks to resolve any tickets, 8 days to a first response has been normal for them.
It’s kind of a joke they think they’re ready to roll out a print farm subscription when they can’t even keep basic filament in stock, or like you said even provide basic support. They’ve grown far too quickly.
What can't you fix? All the issues I've had you could find a video on YouTube on what to do.
As a precaution, I've blocked my A1 mini from Internet access on the router, and will not apply any firmware updates anymore. I will also not update Bambu Studio anymore (or completely switch to Orcaslicer). I was already using LAN mode exclusively.
Kind of annoying, but I'm not desperately waiting for Firmware updates, everything works fine so far.
If 3D printing isn't kept open source there's going to be laws about what you can and can't print that will kill innovation.
I can't imagine the printers being open source or not mattering for that, nor can I see any reasonable government banning printing of specific things. If something is illegal to own or manufacture, that already applies to 3D printers just as much as it did to CNC machines or any other method.
Are you so sure?
https://www.nysenate.gov/legislation/bills/2025/A2228?utm_ca...
Not quite the same, and hopefully likely to fail if it hasn't already, but it shows that interest exists in regulating 3D printers. When enough interest exists, things will happen.
JMHO.
Yet they have made it so that sophisticated printers must include firmware that refuses to print banknotes.
The bambu printers haven't been open source.
Doubt it
2D printers are not open source and you can still print pretty much anything
I don't think you can print cash/paper money.
That is covered by "pretty much anything." That doesn't mean absolutely everything.
With the 3D printer you can currently print everything on the 2-D printer you can print everything minus one. (actually there’s probably a whole bunch of currency you can’t print which is maybe hundreds of things ) those are completely different systems of control.
"Pretty much everything" does include "can't print some things" which is pretty much: they control what you can and can't print. So technically you are right and they are right too, but this conversation path led us back in a circle instead of moving the debate forward.
No, you can’t. Printer manufacturers are required to prevent printing certain kinds of images on sophisticated printers. And they also print watermarks unique to your printer on every page.
I'm not surprised that 3D printers are turning out to be as hostile as 2D ones. As usual these days, "security" is the excuse.
There's so much open source software, firmware, and hardware out there for FDM 3D printers, I doubt they'll ever get as bad as regular printers. It's much more a tinkerers world than 2D printing ever would be.
Are regular printers that bad, if buy brother?
I bought a B/W laser printer and have been generally impressed with the lack of BS that came a long with it.
It did ask for toner once, so I bought something from a third-party.
Some are good, some are bad, buyer beware.
No direct experience, but I recently read[1] Brother HL-L3220CW counts printed pages, and refuses to print after a set number of pages, even if there's still toner in the cartridge. Some models have a way to reset the page count but this one apparently does not.
[1] https://spicausis-lv.translate.goog/2025/01-brother/?_x_tr_s...
(I also use a Brother B/W laser printer, got it second hand for almost nothing, works fine)
Does the printer also refuse to print when using toners not part of the EcoPro subscription, though? Or is this just another case of people expecting their subscription toners/cartridges to last beyond their payment? I can't blame them, the marketing is sneaky about it, I just see it often on threads about HP.
The post did mention the other toners that came with the printer also locked, but I think I remember reading elsewhere that those printers are cheaper precisely because they come with EcoPro-only toners in the box.
I have a L2395DW and its factory cartridge just ran out!
Factory setting is to stop printing. It can be changed to basically print anyway.
That worked, delivering increasingly crappy prints until replacement toner cartridges arrived.
Swapped one in and the machine is back to printing fine.
I did buy aftermarket, cheap as I could find for replacement.
The factory cart still had 5 percent or so, when compared to the new ones, of toner in it.
Haven't had the sam
All said and done I am pretty happy. Toner got well used, replacement was cheap.
I've only made good experiences with laser printers, from very small ones to full-sized copy machines. Some of the more expensive inkjet printers are reportedly also quite good. You are still stuck with the usual horror show that is software from hardware companies, but otherwise it's not so bad. And the occasional paper jam, but 3d printers are no better in terms of reliability
The bad reputation is just from HP's tactic to sell printers cheaper than everyone else, in more stores than anyone else, then make the money back with the scummiest tactics imaginable.
Yep laser printers are the equivalent of modern CoreXY printers with solid auto calibration
Could you name one? Other than the X1. I think I might be in the market for a new printer, but I don’t want to lose quality.
With 3D printing out for a while now, there's zero good reason IMHO that there isn't a 2D-plotter retrofit which allows someone to attach one or more [colored] pencils or pens. I'm really shocked the overpriced ink monopolies weren't attacked in this manner, as a young child I distinctly remember a kiosk in a grocery store which 'printed' messages and images on blank cards using colored pencils, for customer order. None of this is remotely new.
> there's zero good reason IMHO that there isn't a 2D-plotter retrofit which allows someone to attach one or more [colored] pencils or pens
This is a thing. Obviously.
https://urish.medium.com/how-to-turn-your-3d-printer-into-a-...
Only a randomly selected tutorial.
> I'm really shocked the overpriced ink monopolies weren't attacked in this manner,
Inkjet and laser printers easily print whole page 300 DPI raster images in seconds. Plotters need vectorial data and their printing speed depends on how complicated what you are printing. These things simply don’t serve the same use case. You can do nice art and heart warming cards with a plotter, but you can’t hit print on your boarding card / dhl label / word document and expect your plotter to give you what you see on your screen.
> None of this is remotely new.
I agree that none of this is remotely new. Plenty of people tinker with plotters for fun and profit. There are even pre-packaged consumer centric solutions where you pay the price of convenience with lack of freedoms. (See the similar debacle around the Cricut plotters.)
Admittedly, the printing system for 2D Printers is a nightmare. Windows Secured Core PCs, for example, disable all 3rd party printing drivers and only support open driverless standards for printing like Mopria. According to people who have looked at it, let’s just say CUPS in macOS and Linux is not very likely to be a paragon of security, having an RCE scare 3 months ago.
If the printing stacks within operating systems are trash, who knows what horrors your network-connected printer firmware has. (Locking down 3rd party ink cartridges in the name of security - what’s an ink cartridge going to do? Buffer overflow the data it sends to the printer? Oh wait, maybe the printer is that dumb and we’re overthinking this, and it’s more inexcusable than first glance suggests.)
Bambu sent out a clarification in their blog, you should read it
I have Bambu, Qidi and Creality printers. Qidi is a good compromise between open and 'print-quality-out-of-the-box'. My Q1 pro is easy to hack, but I have not done anything to it because it prints pretty much as well as Bambu.
I got an A1 mini about a month ago and so far it’s been decent as a beginners printer. I transfer models to the printer via the microSD card and refused to install their networking software on my machine because I don’t trust it’s safe enough. Im also very reluctant to get updates whenever they’re pushed. Maybe im spooked by past bricked devices so I keep all my devices dumb and offline as much as I can.
> Bambu Lab is a Chinese tech company that designs and manufactures 3D printers
They disrupted the 3d printer market with printers that just work out-of-the-box at at price points where you typically only get enthusiast products that require a lot of tinkering.
A lot of their business model is seemingly based on making long-term sales from consumables. Their solution for multi-color printing is more convenient to use with filament sold by them because they embed information about the filament on proprietary RFID tags.
A couple days ago they announced locking down the API for their most expensive line of printers, locking most API calls to only their own software because of "security". Users are obviously upset.
Rumours for the reasons range from protecting themselves from user mods that replicate the RFID functionality on any filament by configuring the printer via API calls, to Bambu Labs wanting to launch some kind of subscription service for print farms.
Bambu Lab filament pricing is very similar to Sunlu pricing if you purchase the same minimum quantities as Sunlu, but Bambu Lab has a wider variety of filament that people actually want. The only thing that really helps them make more money is wasteful multi-color printing.
Reportedly it's Sunlu who's supplying filament for Bambu. But Bambu's version still has RFID tags which make it much easier to work with multicolor.
> The only thing that really helps them make more money is wasteful multi-color printing.
They're slow to make improvements in this area, but they recently introduced some options to reduce the waste, like longer retraction before the color change. Plus as a user you can reduce the waste further by tuning flushing amounts, and you're left with the waste inherent to single-extruder multicolor printing.
Overall yes multicolor can be wasteful, but to me it's impressive that it exists in the first place
Does anyone know what this key is actually used for, and what it enables?
I'm interested what others think of their existing design and whether there are any fundamental security issues that will be resolved by their proposed change.
They are proposing requiring a secret, shared(!?) private signed certificate to carry out any actions beyond monitoring for both the cloud and local (on printer) MQTT servers. These certificates would be issued at the discretion of Bambu by their CSR, currently only for "Bambu Studio" their slicer, Bambu Handy (their mobile app) and "Bambu Connect" which will upload G-Code generated by third party slicers.
The current design:
https://github.com/Doridian/OpenBambuAPI/blob/main/mqtt.md
Connecting to their cloud MQTT requires a username and token already. These details are obtained via a HTTPS request to their login server using your bambu account (which requires a valid email & possibly captcha) to obtain a token. The cloud MQTT is TLS secured, although this is just to encrypt the traffic (aka HTTPS), it is not mutual authentication.
Connecting to the MQTT server hosted on the printer (aka LAN mode) requires a fixed username and a local access token (a random 8 digit number). This can only be found via the physical display of the printer in a menu. This access token can be refreshed via a menu option again physically at the printer. To be clear, this token only allows to you connect directly to the local MQTT server running on the IP address of the printer, so in most environments this should only be the local network. This is also the password for the FTP server that can be used to upload/download sliced 3mf/gcode files.
Personally - this design seems ok to me? With an MQTT service properly configured to isolate user accounts from each other, this is a pattern widely deployed for embedded devices (Azure IoT, AWS IoT etc).
I don't see how the "DDOS" related issues they are claiming would be related to this specific design. If the issue is in the login server - well, that's prior to authentication anyway so nothing they are doing here will fix that.
If it's problems with your cloud MQTT service not being properly isolated - maybe fix that? If the DDOS is at L2, auth isn't going to help. You require logins tied to an email, you can block clients that misbehave once they are logged in.
Nobody is brute forcing the local MQTT server via XSS or something, because JS doesn't allow for raw TCP connections. Are they concerned about malicious software already on the network? Then rate limiting on the printer side or switch to a random length alphanum LAN token to increase keyspace.
I'm curious what more qualified people think, I cannot see any justications for their proposed design improving security.
> Unpacking app.asar without fixing it first will result in an encrypted main.js file and 100 GB of decoy files generated, don't try it.
I know it's not exactly a zip bomb, but it's kinda close, and goddamn, that's obnoxious.
RMS was right
You thought you would be able to print copies of commercial things in the comfort of your home? RIAA would like a word with you.
I’m not familiar with the 3D printing space, but seems like this reverse engineering was inspired by the companies move to clamp down on security of these devices. [1]
From what I understand, this new auth system would make third party integrations (ie, “OrcaSlicer”) obsolete and users would be limited to controlling the device via Bambu Connect. This update impacts users who control the device via HomeAssistant and “print farm management” users. I guess first party support for users with fleets of these printers is dogshit, thus the need for third party software.
Seems after 3 days of community feedback/outrage, the company is backtracking on the Bambu Connect only route. Instead offering a “Developer Mode” option in firmware which on the surface seems to be what the impacted users need. [2]
> In response, we’ve made the decision to implement an optional LAN mode feature, to provide advanced users with more control and flexibility.
> Standard Mode (Default): By default, LAN mode will include an authorization process that ensures robust security
> Developer Mode (Optional): For advanced users of the X1, P1, A1, and A1 Mini who prefer full control over their network security, an option will be available to leave the MQTT channel, live stream, and FTP open. This feature must be manually enabled on the printer, and users who select this option will assume full responsibility for securing their local network environment. Please note that Bambu Lab will not be able to provide customer support for this mode, as the communication protocols are not officially supported.
Seems this resolves the community concerns. Or am I missing something?
[1] https://blog.bambulab.com/firmware-update-introducing-new-au...
[2] https://blog.bambulab.com/updates-and-third-party-integratio...
That's a useful step, but the options are still Full Cloud Dependency or DIY with Zero Security.
Why haven't they implemented rudimentary access control with printer-side Basic Auth (or the equivalents auth for MQTT and FTP). Add optional SSL support to prevent tampering/MITM on a potentially hostile network, and the unauthenticated access concerns listed in [1] should disappear.
Any problems related to potentially damaging instructions should be best-effort mitigated by the firmware and otherwise indemnified by a "your own fault for using a third-party slicer" clause in the EULA.
Bambu Labs shouldn't need to be in the authentication/authorization path, unless we're actively using their cloud environment.
I'm so happy Bambu is getting what's coming to them after screwing us so badly <3
What did they do?
They used a plugin to communicate print jobs (and other integrations), so that third party software could be used pretty seamlessly. Now they're moving to a new authentication model, and will be requiring users to send files to a separate print app. (Bambu Connect) It adds friction to the process, especially for those who were looking to run print jobs at scale, using "print farm" software or building their own solutions.
I do wonder how much friction it'll really add, since the slicers can send the data to Connect via a protocol handler.
It also means that Connect could act as a farm / queueing system as well, more like a print driver vs. individual printer support within the app.
Its pretty much this, nothing seems to be blocking any third party slicer like Orca from working with bambu printers as they are now.. just the print button would now send the file to Bambu Connect, where you would most likely only press an extra button..
Getting info from the printer or AMS? MQTT still works. They specifically said they are not touching that.
Sadly the usual groups of people are screaming, and the open printer people are laughing. But at worst.. this is just friction.
Anyone pointing this out seems to get downvoted. But its all there in the bambu press statement and subsequent pages. Those that are upset seemed to have not read those, and instead just read or watched something inflammatory.
Did you happen to see this? Interesting development, they are basically going to keep the current wide-open-barely-auth'd state and call it a developer mode. And submitted a PR to make Orca Slicer work with the new auth: https://blog.bambulab.com/updates-and-third-party-integratio...
And yeah, I'm realizing that about the downvotes. It's sad the state of things, but SKY-IS-FALLING-GET-PITCHFORKS wins the day over technical analysis, even on purportedly technical forums. But alas, that's an aside.
I'm really looking forward to this rolling out, as I want to monitor my printer with Home Assistant but I /really/ don't like how much control the current (non-beta, non-future) state gives HA. I /want/ auth of some sort when submitting jobs, and it looks like I'll have that.
(I also really want the slicer decoupled from the print management stuff, because I tend to keep a few slicers open and experiment.)
https://hackaday.com/2025/01/17/new-bambu-lab-firmware-updat... has a summary that caught me up. I feel like it must be missing some of the story though.
They are locking down their software so you have to use it
The A1 mini was my first printer and it just works.
Is there another brand that is idiot proof?
If you buy a Prusa in non-kit form, it's not any harder to unbox or operate, and more reliable, while generally achieving somewhat better results. Without phoning home and while maintaining the software Bambu forked theirs from.
A recent review coming to a similar conclusion was Maker Muse' review of bedslingers.
It's a channel I respect a lot, because he has over the years relentlessly disclosed emails of companies trying to bribe or lean on him, or threaten him, and refused to play along.
Most other 3D printing content is essentially paid advertising -- including, I suspect, the carefully constructed brand narrative of Bambu as the first "fire and forget" printers, as if they somehow elevated the art form, when really the user experience is not substantially different.
You do not need to tinker or problem-solve with other modern well-reviewing printers, nor do they fail more prints. My MK4 hasn't failed a single print in a year (i.e. since I bought it), and I haven't had to do any sort of maintenance.
> it's not any harder to unbox or operate
I agree with this
> and more reliable
I emphatically disagree with this.
> while generally achieving somewhat better results
I agree with this.
I'd also like to add that my Prusa Mk3s+ is significantly slower than my P1S. Also, without the MMU it still cost more than my P1S with AMS. Choosing a Prusa is making a philosophical choice, because it's certainly not about convenience, speed, versatility (considering you need to buy a separate enclosure and pricey MMU), bed size, or price. It's a choice you make because you're okay with spending a lot more to support an open platform where you can flash your own firmware without voiding your warranty, not because you want a better experience.
Is the fact that the printer is slower the main reason why you get better results?
The mk4 and mk3 are vastly different machines. If you want to compare the P1S, do it against a contemporary machine. Of course a machine released several years after the mk3 is faster.
What are your thoughts on the upcoming Prusa Core One? I was thinking about getting a P1S but with this rug pull I’m not sure anymore.
I wouldn't buy any new Prusa printer until it's been in the wild at least a year, they tend to be very buggy at launch.
They also have no multimaterial support at launch, the MMU3 will not work with the Core One until they release an update, which they've not yet given a timeline for.
Thank you.
And they cost 3x as much. Which is a pretty tough sell IMO.
Conveniently left out that the Prusa definitely cannot do a lot of things that the popular Bambu models can do quite well, like filaments beyond PETG and PLA, multimaterial printing, etc.
Most Prusa models can print a wide range of filaments. I regularly print ABS and PC on mine. And there is a MMU add-on for Prusa.
The MMU isn't remotely comparable to the AMS though, it's finnicky, regularly breaks and needs a heck of a lot of tinkering for most people to get right. One slightly different filament and you have to start over.
Not to mention its just a messy product. Heck the new Core One doesn't even have support for it at launch which is pretty unforgivable.
Maybe bamboo printers were too cheap which lead them towards their subscription based model.
Everyone complains about enshittification (YouTube ads, subscription models etc..), but then refuse to pay the real price premium goods and services cost. You get what you pay for.
What subscription? They're restricting remote access APIs in new firmware because they pose a security threat.
There is no security threat, it's an excuse. I own a printer and operate it in LAN mode. It requires authentication with 8 digit code.
If you think they care about security, let me remind you that this company used to connect to their cloud in plaintext. The only security they really care about is that of their revenue.
If they actually cared about security, they would let us disconnect these printers from the cloud completely and allow us to manage our own mTLS certificates.
I don't know the details or if it's true, but someone who was in the firmware beta claimed there was //commented-out code about different subscription tears. Maybe just a test, maybe for print farms .. maybe it was all a lie.
…for now….
But yeah, the enshitification economy has made people justifiably paranoid that if a product starts exhibiting new capabilities or features that would seem to support or enable a move towards subscriptions, it’s a good bet that that is in fact the trajectory of the platform.
But afaik Bambu has neither confirmed nor denied that this is in the works.
You pay more and lose reliable multicolour printing this way though - the MMU is NOT a solution.
I am an idiot, and my Prusa MK3S+ (bought assembled, not as a kit) has been me-proof for years, and delivered fantastic print quality all along. My wife is not a techie and she gets good use out of it too. Their newer printers seem to be even better.
Out of ignorance and curiosity about 3d printing I bought a Prusa Mini a few years ago. My 10 year old (at the time) son took to using it immediately and figured out how to use it almost entirely on his own. It has been a great experience. I was thinking of upgrading to something larger and this drama has made the decision an easy one for me.
Based on recommendations here a couple years ago I built a Prusa Mk3 from a kit (right before the mk4 came out). Building it took a while but I think was a worthwhile investment of my time and I think of it as a system I can understand rather than as a black box.
I had a little bit of trouble with it maybe six months ago (repeatedly tripped offline during prints from a thermal issue) but Prusa's online support talked me through recalibrating it and it's been trouble-free since then.
One thing to be said for Prusa is that their support is actually knowledgeable and experienced. You're not going to get a tier 1 support person who has never touched a printer and is just reading from a script.
I've been using a Prusa Mk2 for years no with no real issues. Doesn't have the bells and whistles but it does, like, consistently work.
Eventually I'll get a used FormLabs setup. Once I have a shop space set up.
I bought an A1 after years of fiddling with an Ender. It made 3D printing fun again.
The whole situation reminds me of drones. DJI is (maybe) questionable but their products are without competition when you look at price and quality. Bambu products are also fantastic.
On second thought TP-Link fits too. My TP-Link mesh network just works perfectly. So do their smart plugs.
I did the same- replaced an Ender with an A1. Unfortunately, I’ve had it 10 days and have yet to be able to print anything. Won’t calibrate and cannot update firmware. Seems like a commonly reported issue but tech support is still bumbling around with no useful suggestions. I foresee it going back.
Not yet, but other brands are stepping up their quality. I just bought a Creality K2 Plus, and it's almost on par with my X1C (and has some features I prefer, like the CFS, their version of the AMS)
flashforge is pretty good and by design easy to root.
it is running klipper internally and there are mods to run a completely open source stack (with blobs)
If you’re looking for a CoreXY machine that can handle more industrial filaments for reasonable money, check out QIDI
I personally think the outrage I've seen on this issue is generally not justified.
In general people are just scared of change and on top of that are playing telephone on the details of the change, assuming the worst intentions from Bambu like they're trying to be the next HP.
I have seen a lot of misinformation on this topic, and I think that in that sense it's a good idea to read the actual announcement details to get a better read on Bambu's intentions: https://blog.bambulab.com/firmware-update-introducing-new-au...
A voice in Bambu's defense on this issue would say:
1. The new firmware isn't out, it's still in beta, and the new connect software is also in beta. This stuff isn't done and nobody has been forced to use it or even had it presented as an OTA update yet. The problems highlighted in this wiki page are very possibly problems that Bambu is aware of and intends to fix before release.
2. Bambu in their blog article stated that they are working on integration code so that third party slicers like Orca Slicer can more directly interface with Bambu Connect (see the FAQ section)
3. There are multiple statements on this blog page where Bambu acknowledges the workflow disruption and emphasizes the things they intend to do and do not intend to do, such as "It’s important to note that this update is not intended to restrict third-party software use. In fact, we’ve actively collaborated with third-party print farm management software providers in the past and continue to support such partnerships. To further improve the user experience, we are introducing a new software solution that will address these limitations and enhance overall print farm management capabilities."
4. People who don't run huge print farms don't seem to be impacted by this. Remember that Bambu claims to be a consumer tech company, right there in the "About Us" section. They are trying to make printers that are easy to use and require minimal tinkering. For a normal person, sending a slice file from Orca Slicer to a separate app (adding literally one step) is not a big deal, you're doing that once per print in a world where typical prints take hours to complete. And with that in mind, Bambu is still saying they intend to provide an integration solution to Orca Slicer in the future to streamline that process.
Whether not the software design is a good architecture is an entirely different issue, and as a beta product I'm not sure we can judge that quite yet. Perhaps they should have hardened their network API more rather than introducing a new app? Perhaps they shouldn't have announced this so publicly before they had a solution for third-party integrations ready?
well, it's they really meant improving security they didn't do great job, as you can see people broke this security in a day
blocking printing from sdcard in Lan mode basically deny any claims that this change was poorly communicated improvement
They broke the security of a beta product. That’s why it’s beta and not a released product.
LAN mode didn’t exist when this product was first sold, and it was never implemented through the SD card. It was meant to be used through Bambu Studio over your local network.
“Not implemented/not yet implemented” != “blocked”
Someone who bought a Bambu Lab printer early on actually has more ability to use it without a cloud service now than they did when the product was new. Just about everyone who owns a Bambu Lab printer already signed up for a cloud-connected printer.
https://wiki.bambulab.com/en/p1/manual/p1p-firmware-release-...
I mean a reasonable ask would be why can't they push this off until all of that is taken care of?
I think to be fair to them that's literally what they're doing? They're just announcing it ahead of time while it's in beta so we all know about it.
"Starting January 17th, users will have access to the beta firmware"
"Launching first for X Series printers, with P and A Series updates planned for future release"
Author could start with what this actually is. "An Electron App with Security through Obscurity principles" doesn't tell me much.
I think people are making a big nothing burger out of this.
Bambu is patching a security issue. Personally I don't want any device or application to send any old G-code to my printer. Like say command the printer to basically destroy itself.
Could this lead to completely locking it down in the future? Yes. But they could do that anyways.
I think this is a way to stop getting their pants sued off.
If they really wanted to lock it down they could just make it so everything has to go through their servers and require files to be signed before being read from SD cards.
But instead we really have a half ass attempt.
"Security" on behalf of the user is a complete red herring. You can't print to my 2d printer or my 3d printer, but I can, with "any old device or application". Because they're on my network, not public on the internet.
I disagree. These devices can easily burn down people's homes if given bad G-code. Then they would be sued into the dirt for a security whole a mile wide. Looking at the changes this is about liability.
How is an electron app that just adds another step solving the problem? They should have just secured their api properly instead of using security as an excuse to cut out third party software that will get around an inevitable subscription.
Because authenticated commands removes the liability issue. Hacking the device vs we knowingly let anything send g-code.
This is basically the equivalent to having passwords on a MySQL database or redis server.
Why on earth would they add a subscription? That makes absolutely no sense business wise. No one would buy their printers, and they don't have a captured market to strong arm anyone.
Why would they add a subscription? Uhm print farms already have subscription based software. Bambu would just be an easier entry. They already have screenshots of it on their wiki.
There shouldn’t be a single printer on the market that doesn’t come with basic emergency cutoff features.
If it can burn down your house with the wrong G-code, adding a cloud service is not the way to fix that.
> Bambu is patching a security issue.
This isn't a security fix. As a security protocol, it wouldn't pass any kind of security audit. A security fix would be something based on a per user credential, not on obscurity.
> Personally I don't want any device or application to send any old G-code to my printer.
Username/password over TLS would do that better than what Bambu Lab is proposing, as an extremely simplistic example.
And LAN-only mode should work without any external connections yet it looks like it'll require it for authentication. That defeats the whole idea of LAN-only!
> Bambu is patching a security issue. Personally I don't want any device or application to send any old G-code to my printer. Like say command the printer to basically destroy itself.
Why not implement some kind of open authentication? One that other slicers can implement.