this post was submitted on 24 May 2026
502 points (97.4% liked)

Technology

84891 readers
3619 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
502
'Fuck you, Bambu': How one private message could change the face of 3D printing (www.theverge.com)
submitted 1 day ago by floofloof@lemmy.ca to c/technology@lemmy.world
102 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.bestiver.se/post/1124610

Comments

you are viewing a single comment's thread
view the rest of the comments
[–] thenewred@lemmy.world 115 points 22 hours ago (2 children)

I'm surprised this isn't a bigger part of the story.

Bambu's authentication is just the client saying "I am Bambu Studio". The server completely trusts that with no additional authentication.

It's like setting up a website with a user login, and if someone puts in "admin" in the username field without a password, the system says "sounds good" and lets you in. And then the website owners getting mad that someone hacked their system.

Blatant incompetence. I can't believe they're using their stupidity as an argument.

[–] gian@lemmy.grys.it 1 points 3 hours ago (2 children)

It’s like setting up a website with a user login, and if someone puts in “admin” in the username field without a password, the system says “sounds good” and lets you in. And then the website owners getting mad that someone hacked their system.

Blatant incompetence. I can’t believe they’re using their stupidity as an argument.

You are right, but technically speaking it would be a crime anyway. It is not that if you leave your door open then entering without permissione is not a crime.
While Bambu Labs obviously is trying to implement some sort of subscribtion model, and they are doing it in a bad faith way, for shitty as the authentication model is it is not an authorization to enter freely.

[–] SirQuack@feddit.nl 2 points 2 hours ago

You are right, but technically speaking it would be a crime anyway. It is not that if you leave your door open then entering without permissione is not a crime.

Leaving the door open and people walking in isn't a crime, unless explicitly mentioned otherwise (may vary on jurisdiction), but faking a login is a lot less denyable than using the same User-Agent as some software (famously a bad marker for authentication).

[–] spicehoarder@lemmy.zip 1 points 2 hours ago

I don't know where you live, but leaving a door wide open is literally an invitation to "come in" And as far as I understand things correctly, it's been like that for a few thousand years.

[–] starman2112@sh.itjust.works 28 points 16 hours ago

Important to note that the license they release their software under explicitly allows users to do exactly that