Roy Sigurd Karlsbakks blogg

On November 23, I posted this post regarding the lack of security with Bambu WAN mode. Today, they replied and I said their developers mostly had a background in robotics and thus little understanding of internet security, but they’ve started to educate themselves

want to comment on some misunderstandings here

“The printer doesn’t have an ethernet port and wifi isn’t secure with PSK”

It is important to point out that this statement is not entirely accurate as the printer supports Wi-Fi security protocols, including WPA/WPA2-PSK.If the WLAN is protected by WPA/WPA2-PSK, which is generally the default security protection nowadays on wireless routers, the WLAN connection should be relatively safe.

What I wrote in the article, was that anyone with the known PSK, that is, anyone connected to the average access point used, will be on the same network. That the network is encrypted with WPA, still means they all have the same key, so once logged into the network, it’s all cleartext between clients on that network. Still – it’s better than nothing, but the best thing is to encrypt everything.

So, they summerise

The security of the LAN mode depends on the security of the WLAN at the moment. It is vulnerable if the LAN is not properly secured. We will work on an improvement for this by January 2023 and we will share an update when that becomes available.

The HTTP connection to the cloud vulnerabilitty has now been fixed.

This is good! Kudos to Bambu lab for fixing this quickly!

The cleartext keyID is a misunderstanding.

My apologies.

So, the WAN connection is a bit safer, and the LAN connection works, ish. All we now need if we want to use this in LAN mode, is a working camera.

roy