this post was submitted on 17 Aug 2023
125 points (96.3% liked)

Technology

34893 readers
928 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
 

This is a good example, why not all devices should be connected to foreign servers. Errors can happen everywhere. But it could end badly, if some Corporations make errors and creating trouble, which would otherwise not happen.

In the case of the 3D-printer it is not that bad (except it destroys itself or even gets on fire), also you can turn it off. But imagine a smart stove top that lights up a towel (or something similar) while nobody is home.

Not, that I think that it is not useful to have something like that, but wouldn't it be nice, if that stuff would work locally? (with the WireGuard integration in modems, the access from outside of home with the smartphone, should also be no problem for non-tech people)

top 25 comments
sorted by: hot top controversial new old
[–] sugar_in_your_tea@sh.itjust.works 15 points 1 year ago (6 children)

Ideally, almost no devices should be connected to the internet. Things like 3D printers, TVs with microphones/cameras, etc should be in a DMZ and have outgoing-only access to a restricted set of services.

If you're running anything close to a professional operation, set up your site professionally. For home users, I recommend sticking with SD cards, it's only mildly more annoying for the frequency of printing you're likely to do.

[–] buckykat@lemmy.blahaj.zone 11 points 1 year ago (1 children)

Octoprint is great, connecting the printer to somebody else's computer is crazy

[–] sugar_in_your_tea@sh.itjust.works 4 points 1 year ago (2 children)

Yup. I'd still put it behind a VPN though, just because of the inherent dangers in starting a 3D print job remotely.

[–] Nate@postit.quantentoast.de 3 points 1 year ago

I agree, using a VPN is generally a good idea (if the alternative is exposing it to the web directly).

[–] bjornp_@lemm.ee 1 points 1 year ago (1 children)

I have an nginx reverse proxy with http auth, myself. It's such battle tested software that I trust it fully

[–] Zikeji@programming.dev 1 points 1 year ago (1 children)

For anyone doing similar: battle tested software is still fallible, and exploits could emerge at any point (same goes for VPNs). Be sure to set server_tokens to off, this prevents NGINX from revealing it's version to the world, which will help protect you in case an exploit is discovered down the line.

[–] bjornp_@lemm.ee 1 points 1 year ago

That's a good tip. Also: have your servers auto-update weekly. You will forget.

[–] mnemonicmonkeys@sh.itjust.works 3 points 1 year ago* (last edited 1 year ago) (1 children)

There's benefits to having your 3D printer connected to the internet though. It allows you to monitor the progress and lets you cancel the print if there's an error, potentially saving uou a lot on filament and repairs.

That being said, having them connect to centralized servers is dumb. Just add a Raspberry Pi with octoprint flashed onto it and set up your own connection if you want that feature.

You can also just VPN in. It's not hard, and many routers have that ability today.

[–] flames5123@lemmy.world 2 points 1 year ago

Is there a guide for setting up a DMZ? I have a Nest cam for our dog (bought wayyy before Google bought them out) and use HomeKit for everything that allows it, but those devices have their own apps too so they have almost unfettered access to the net. I like having my AC on internet so I can turn it on/off when I’m not home in case I forgot to turn it on that morning (living in the PNW, so we don’t need it every day in the summer, as open windows are good enough and free), so I get home to a moderately cooled place rather than a hot box.

[–] ramble81@lemm.ee 1 points 1 year ago

Even if it allows that set of services, if the device allows any sort of control via that service you could still end up in a bad situation.

[–] Dubious_Fart@lemmy.ml 1 points 1 year ago (1 children)

Yep.

TVs, Fridges, Toilets, Dishwashers, Clothes Washers/Dryers, Thermostats, and a whole range of other things do not, and will never need, access to the internet.

By giving them access to the internet, you are just lighting a fuse and waiting for the bomb to go off. Maybe that bomb is personal banking details, maybe that bomb is financial in that someone cranks your AC up to 150 when you are gone for a week and come home to house full of heat damage and melt, or maybe that bomb is a 3d printer that turned on, malfunctioned, and burned your house down.

IoT is stupid.

And the worst part is, you probably can't sue that IoT company for damages.

i want to have my PC connect directly to the internet so there can be incoming traffic directly to it rather than thru a router

[–] autotldr@lemmings.world 11 points 1 year ago (1 children)

This is the best summary I could come up with:


3D printers are one of the few remote-controlled devices in a house that can get hot enough to start a fire, and now, we’re learning that remote control system wasn’t fully thought through.

(Even if Bambu’s printers do have thermal runaway protection that might prevent a true fire from breaking out, Maker’s Muse suggested in January that system needed improvements, too.)

“Our team is working closely with our customers to provide the necessary assistance and make sure they are able to get back to printing in the shortest time possible.”

Issues like this also make us wonder about potential misuse and hacks, of course — if this printer can be remotely controlled by cloud servers to such a degree, what’s to stop Bambu employees and hackers from abusing that, including the live video feed from its cameras?

To Bambu’s credit, the company has a robust LAN-only mode that you can turn on in the printer’s settings, which allows you to send jobs over home or Wi-Fi instead of across the internet.

(Bambu even recently updated it with live video streaming over LAN, though you can currently only access that from the desktop slicer app, not your phone.)


I'm a bot and I'm open source!

[–] FartsWithAnAccent@lemmy.world 6 points 1 year ago

laughs nervously in Creality while house burns to the ground

[–] jayandp@sh.itjust.works 6 points 1 year ago

Recently at work they replaced the AEDs with new models that support Children, and have a Spanish guide mode, super nice. But they also are now connected to the Internet so that they report any usage and order a new set of pads automatically, plus it has a bright screen constantly cycling through advertisement of what the device is. Also for some reason the power button isn't actually a power button, and just triggers the start-up process while calling back to base, just like touching the on-screen buttons or pulling out the pads will do.

What could go wrong?

[–] Poob@lemmy.ca 2 points 1 year ago

Some things should only be connected to the intranet

imo i wouls want my device to connect directly to the internet once ipv6 comes along to allow for incoming traffic without editing configs

[–] DeltaTangoLima@reddrefuge.com 1 points 1 year ago

Interesting. I've just gone through Bambu's main website, and the product specs, and there's no mention of cloud connectivity except where it says "You can send prints by Bambu Studio ... control your printer anytime anywhere".

So, do does anyone know if Bambu printers explicitly require cloud connectivity, or can they be used without it? I was actually considering buying one until I read about this...

[–] uriel238@lemmy.blahaj.zone 0 points 1 year ago (2 children)

Yeah, I just moved into a place with a Nest preinstalled. I'm terrified the thing will, any day now, become part of a zombie botnet.

I need to get it DMZ'd

[–] Vendetta9076@sh.itjust.works 1 points 1 year ago

Take it out of the wall.

[–] inetknght@lemmy.ml 0 points 1 year ago (1 children)

imagine a smart stove top that lights up a towel

Who in their right mind puts a towel on a cooking surface whether the surface is in use or not? That's begging for problems to occur.

[–] over_clox@lemmy.world 6 points 1 year ago

I take it you don't have children.

I don't either, just saying...