487
this post was submitted on 24 May 2026
487 points (97.3% liked)
Technology
84891 readers
3619 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
yeah, a lot of PR effort for Bambu while the reality is slightly different.
An example: they say: we didn't patch the security hole (the user agent "chech") because the user experience would have been affected blablabla...
Well, they introduced this security hole on linux BECAUSE they deployed the new mandatory network "plugin" (that you are forced to use because: it's automatically installed and it's mandatory to print even locally) without providing a working solution for all their linux customers when deploying it.
Yes! They didn't implement a real authentication solution for their own linux implementation AND they didn't answer to their linux customers who had the software broken for MONTHS.
And them providing this user agent hack solution months later allowed anybody to understand how it worked without retro engineering their network plugin (something the article forgot to mention but it was the main attack vector of bambu against the developer threateninghim to go to federal jail, something they also forgot to mention).
Great user experience mindset here. Breaking their printer to introduce a mandatory connectivity plugin (reminder: linux is officially supported on the marketing pages) and threatening those who try to fix it using just what the license allows them to do.
I suspect the DDOS attack they had on their cloud service is more linked to their change of mind regarding this mandatory network plugin.
It could be all the linux client trying to download their network plugin but failing and retrying in loop. That wouldn't surprise me following the user agent choice.
Or people unhappy. After all, they changed the terms of the contract after users bought the printer. Really a Dark Vader style of user experience here!
If you want to avoid this kind of amateurish/parasitic behavior, buy the original: Prusa.
I've one printer from them since many years that I upgrade each few years. Currently, I'm waiting for a sale for the upgrade kit to the Core+
Once I got all I can from it, my upgrade from A1 Mini is gonna be Prusa lol, should have aten the price difference at first.
Yes they are expensive but the fact that you have an official (and supported) upgrade path possible for my little printer bought more than a decade ago is really recommendable. And I love mounting it myself. You learn a lot about the product during this process.
The practice of hacking old electronics?
ha yes, it's retro in my native tongue but reverse in English. Well, I keep it because i find this mistake funny :)