They actually said other tools are regularly used and have been known to find hundreds of issues. So, no, their awesome code is not the reason. Mythos just sucks at finding vulnerabilities that other tools haven't already found.
FTFY.
too many folks are still stuck on IPv4
Printer is IPv6 only?
What I'm saying is that if everyone had IPv6 in their homes and offices, remote access wouldn't require all the silly cloud server games. You could just hit the device directly by its IPv6 address, and assuming your router suppoerts UPNP pinholes, you're done. You'd need dynamic DNS and that's it.
I can understand the remote printing (not on the same network) part. But only up to the point where something jams and I'm not there to yank the plug and untangle it before it gets hopelessly borked.
An emergency stop button in the app should be able to do the same thing. If that's not possible, it's a rather bad design flaw.
Also, if something jams in a way that could cause meaningful damage (beyond having to brush blobs of filament off of the hot end) and the printer doesn't detect it, that's also a rather bad design flaw.
I have an F-150 Lightning. It's 2 $200 parts to convert from NACS->CCS1 (one for DC, one for AC). The connector type doesn't matter. CHAdeMO requires an adapter that costs thousands. It's not comparable.
CHAdeMO to Tesla adapter: $565. If adapters in the reverse direction from NACS to CHAdeMO cost thousands, it's because the market is too small to achieve economies of scale. Yeah, you need some active electronics to negotiate the protocol, whereas NACS uses the CCS protocol, so you can do it with a passive adapter, but the actual DC is still DC.
About the only thing any cloud service for printing provides is a way to monitor the printer and send jobs to it when you're not on the same network. And the only reason this is still an issue at all is that too many folks are still stuck on IPv4.
I like their products. I just want printing without fuss and without having to learn every detail about leveling, etc. Their product works for me and I do not care about its openness, it is about as important for what I need it as my headphones being open sourced (not at all). So this product is for my use case, not for people who want to control every aspect of their printer and every software feature.
The problem is that their model works until it doesn't.
Having a good out-of-the-box "it just works" experience doesn't preclude letting people tinker. If anything, letting people tinker results in a better out-of-the-box experience in the long term, because the manufacturer can see what people are doing with their technology and can clean it up and make it more broadly available if it is useful. The key is ensuring that the default experience doesn't require tinkering for the majority of customers. And seeing people tinker shows you where the sharp edges are that need to be polished.
But more than that, locking down this sort of hardware means that when you inevitably run into some limitation, if the manufacturer doesn't provide a way around it, you're stuck. And the problem is that a lot of users of advanced tools like this are in a situation where 90% of their use is common to all other users, and 10% isn't. And different users have different 10% use cases. So you could be in a situation where 80% of your users need one thing that your product doesn't support, but it's a hundred different "one thing"s. This makes support very difficult if you don't allow tinkering.
But the worst part is that you can't know for sure whether you're going to be in that 80% until you run into the use case that they don't support out of the box. It could be a week, a month, a year, or several years. And then you're stuck with this hardware that won't do what you need, with no way to fix it, thus forcing you to replace it with a product from some other manufacturer.
So even if you don't think you will ever want to tinker with your 3D printer, assuming all else is roughly equal, you're better off choosing the printer that gives you the most control of the hardware, because that is the least likely to box you into a corner and make you regret your purchase someday.
Same discussion as 30 years ago with open source clones of messaging apps such as ICQ. The open source client pretends, on those days through reverse engineering, to be the official client. Ultimately, it was okay then, because it was beneficial for the operators to have a larger network of users who can talk to each other. Does this dynamic apply here?
I'd have gone with "Every web browser is Mozilla", personally, but yes.
If you're using a user agent for any sort of security purpose, you're not just doing security wrong; you're doing security so wrong that somebody is going to write an entire book as a postmortem about your company.
Moreover, if your service can't handle the traffic of a mere thousands of clients (four-digit QPS) hitting it at once, you have much bigger problems than security. I forgot how to count that low a long time ago.
Finally, the elephant in this room is that those "unauthorized" clients are YOUR USERS. They are people who bought YOUR HARDWARE and want to use it with your service. Basically, you're flipping off your paying customers. That's the fastest, easiest way to ensure that you don't have any of those anymore.
Threats of lawsuits (especially to open source products, which do not have deep pockets) are the new corporate approach to what would appear to be appropriate reverse engineering. The only way forward, if you disagree, is to refuse to purchase any Bambu products.
Already done. When I was choosing what 3D printer to buy to replace my aging Snapmaker A350 last year, I read about Bambu's questionable commitment to openness, and decided to buy a Creality printer (K2 Plus with CFS) instead. Over the year that followed, I bought a Creality Hi with CFS as a second printer, plus two additional CFS units, a filament dryer, a spare Creality tool kit (since the Hi doesn't come with one), and more than half a grand worth of filament.
I've personally spent well close to $3,700 on Creality products in the last year (not counting third-party filament and the DXC2 extruder upgrade) precisely because Bambu comes across as being a bunch of litigious a**holes who are trying to lock down their products and prevent users from being able to modify the hardware that they bought.
As far as I'm concerned, they've dug their grave in the 3D printer market. Stick a fork in it. They're done.
They've had 22 years to figure this out, but now it's a crisis requiring a rush mission because nobody thought it was important enough to do something a year ago, or five, or ten.
...modems (C series)
There would be some perverse irony if Apple ended up manufacturing cellular baseband hardware with designs from the cellular modem team that they bought from Intel, and did so using Intel's foundries.
How great is it that Trump requires Apple to do business with Intel
Intel is one of the top three semiconductor manufacturers in the world. If a company wants to practice the sound engineering principle of second sourcing they are a top choice.
It's a good idea in principle. If Intel can actually catch up. Otherwise, it will be like the cellular modems, where Apple second-sourced from Intel, and the product was crap, so some devices had noticeably degraded performance compared with the ones that contained Qualcomm radios.
Please, please, please let it be Apple's main processors.
TSMC has a high volume process lead over Intel. Apple will probably use Intel for older CPUs going into lower end machines and devices.
Except that they would have to presumably reengineer the old silicon for Intel's process, which kind of defeats the purpose of reusing old designs to save money, I would think.
Plus, CPUs are not the only chips that Apple needs. Not all chips need the latest process.
I think you're on the right track with that one. Apple uses a lot of CPUs that aren't the main CPU. For example, every current MacBook Pro has a T2 security chip that handles encryption. The next generation of that could be designed to be manufacturable on multiple processes; it is currently built on a 16nm process.
Apple also uses CPUs in things like the Apple Watch, where absolute performance isn't as much of a factor as temperature and power consumption. I'm pretty sure Intel is already able to make chips in volume that beat the 4nm process that they use for those.
Which one?
Kids clearly learned this sort of behavior from cartoons. We must BAN CARTOONS! Won't someone think of the children?
No, I'm not serious, and the fact that I'm having to say that tells you pretty much everything you need to know about how utterly stupid all of this is becoming.
Think about it
If the U.S. can do that, they can put drones in the air and create a Starlink-based swarm network providing free Wi-Fi to everyone, replacing the hardware as it gets shot down. Nobody has to have the Starlink hardware if it is a few hundred feet up — complete anonymity and complete destruction of the government's Internet blackout.
because countries that have outlawed paying ransoms to kidnappers have broken the kidnapping industry?
this doesn't work, it just makes more people criminals.
But corporations are not people. Corporations exist at the mercy and whims of the state. And corporations have to tell who they paid money and for what.
If you make it illegal for corporations to pay ransoms to the tune of "If you get caught, your corporate charter is revoked," it won't make more people criminals; it will make it nearly impossible for corporations to pay ransoms without the corporation ceasing to exist, which would make paying the ransom entirely moot.
But for it to work, the cost of getting caught and the odds of getting caught would both have to be high enough to exceed the cost of throwing out all the affected equipment and rebuilding from off-site backups (or starting over from scratch). Otherwise, they'll just pay the ransom.
You mean like... cellular signals?
It is not for me to attempt to fathom the inscrutable workings of Providence. -- The Earl of Birkenhead
