Bambu Lab: We’re not Bricking Your X1-Carbon

(Image credit: Tom's Hardware)

Bambu Lab’s announcement of tightened security around its popular X1-Carbon 3D printers backfired, as the community interpreted the measures as a threat to their favorite 3rd party accessories and a move deeper into a walled garden. The security features are included in a new firmware update, currently in beta, and only available to X1-C owners. Bambu stated in a blog post last Friday that tightened security would be slowly rolled out to all its printers, such as our favorite Best Overall 3D Printer, the P1S.

In response to the outcry, including several scathing YouTube posts from 3D printing enthusiasts, turbulent Reddit threads, and an F bomb laden rant from right to repair activist Louis Rossmann, Bambu Lab has apologized with a second blog post.

The company said it wanted to “set the record straight” and clear up several false claims:

We want to make it absolutely clear that all of these claims are entirely false:

Bambu Lab will remotely disable your printer ("brick" it).
Firmware updates will block your printer’s ability to print.
AMS functionality will be restricted, and the use of third-party filament will be disabled.
Bambu Lab firmware contains trojans or backdoors for unauthorized remote control.
The printers have a timed killswitch that disables them after a certain period.
All 3D files printed are monitored, duplicated, or stolen.
A subscription will be mandatory to use your printer.

~Bambu Lab’s Spaghetti Monster

The blog post announced that a LAN “developer mode” feature would be included in the new firmware, allowing advanced users full control of their network security. This mode, which will need to be manually selected on the printer interface, would leave the MQTT channel, live stream, and FTP open. Bambu Lab also stated this mode prevents the company from providing customer support for the 3D printer.

Bambu Lab said it regrets the misunderstanding and wants users to know that it has no intention of forcing users into a closed ecosystem. It also clarified that the firmware is still in beta testing, and feedback is welcome.

See more 3D Printing News

Denise Bertacchi is a Contributing Writer for Tom’s Hardware US, covering 3D printing. Denise has been crafting with PCs since she discovered Print Shop had clip art on her Apple IIe. She’s been a freelance newspaper reporter, online columnist and craft blogger with an eye for kid’s STEM activities. She got hooked on 3D printing after her son made a tiny Tinkercad Jeep for a school science project. Excited to learn more, she got a Creality CR10s and hasn’t looked back. She loves reviewing 3D printers because she can mix all her passions: printing, photography and writing. When she’s not modding her Ender 3 Pro or stirring glitter into a batch of resin, you’ll find her at the latest superhero movie with her husband and two sons.

More about 3d printing

The 3DBenchy is Back

How to Convert Texts into 3D Models

Budget 27-inch gaming monitor hits all-time low price of $129.99 for Presidents' Day

See more latest

5 Comments Comment from the forums

J4ck1nth3b0x

The irony of all this 'tightened' security was that stunning job of extracting the private keys and certs a day after the releasedate of this new firmware, what security?!? Blatant lies and nothing more from Bambu Labs.
Reply
mike.stavola

I only learned about this last night, but I haven't heard anyone make any of the "false claims" that were mentioned. The actual claims were that bambu can and will change functionality of their product after you purchase it via firmware and software changes, as per their EULA, which was demonstrated with the latest firmware update.
I've also heard that you can't even set this thing up without downloading and running their own special software, and "better security" meant "removing all third party support."
I was going to get one of these, because a few friends were very enthusiastic about bambu labs' products. But... I'll probably get another creality printer.
Reply
bigdragon

Changing the terms of the sale after the sale has taken place needs to be made illegal. It's time for regulators to step in and stop any more of this abusive practice more and more companies are implementing. Bambu wouldn't be trying to backpedal if their keys hadn't be compromised.
Reply
USAFRet

mike.stavola said:
I've also heard that you can't even set this thing up without downloading and running their own special software, and "better security" meant "removing all third party support."
I don't know if it is that way now, but it was not when I got mine, over a year ago.

My X1-C is on the latest firmware, and see exactly zero issues or functionality changes.

Apparently, one of the main questions stemmed around using different slicers.
Reply
jhawkins128

They are ignoring the biggest complaint and trying to gaslight the world about it... People only pointed out the ability to brick these printers as an extreme example of what could be done. The actual complaint is that Bambu Lab is forcing users to run all work that goes to the user's printers, through an unnecessary and insecure Bambu Labs interface. Which allows much more plausible unwanted and difficult to detect snooping of user actions, etc.

The best part is no part, so there is no reason for Bambu to insert a snoop interface between the user and the printer. It is doing nothing for users, but it is costing them complexity and security, and is removing their self-agency with their printers.
Reply

Show more comments

Stay On the Cutting Edge: Get the Tom's Hardware Newsletter

Most Popular