What is Inside a Bambu Lab Log File???

And now there is an easy way to convert that gcode back to an stl. Mind you the fidelity isnt 100% there, but still

@@3DMusketeers fidelity would also depend on the resolution/layer height you sliced at, finer resolution == better fidelity. It's Concerning regardless, GCODE still gives access to be able to print the part(s).

@@3DMusketeers, could you elaborate on why the folder on the right didn't have a gcode.tar.gz?

@Bletotum absolutely! It has a 3mf outside of that specific log folder. What we believe happens when you create the log is that it unzips the 3mf file into its components, which would explain the rendered photos that end up being your thumbnails for the parts.
@timbrookman366 yes, the better the slice, the better the convert.

What worries me is your lack of reading comprehension. Show me a 3MF or STL file in the logs. Yes, the "machine code" that was sent to the printer, and controls the printer, is in the log file. Shocking!!!!
While you can reconstruct the final print from the gcode, you can't reconstruct the original pre-sliced model.

Nope, it's a decrypted log. We compare to a data dump to show in the beginning

Absolutely!

TBH that didn't surprise me at all.

Thank you!!

I dont have any claims for or against that lol. Just the facts ;)

Not to defend them, but it might be easier for them to create the file directly encrypted... Imagine if they just sent a zip and someone got in the way. It would be a major security issue.

oh I have no doubt it is easier, in fact the MCU they chose specifically is marketed to do the encryption, but dont lie to me about what it is in it lol

@@Ale-bj7nd You don't need filesystem encryption for that, you just send it through an encrypted tunnel.

My day job is Cyber Security, so my opinions are tempered a bit here, but in our line of work we encrypt everything like that as these logs contain details that would allow an attacker additional information that could allow them to completely compromise your system. As the files are queued for potential sharing with support, it makes sense to just archive and encrypt as part of the regular process rather than ONLY doing the encryption Just Before you submit.
That said, Bamboo went overboard on what's included in those logs. I can see the g-code being useful if you were debugging a print quality issue, but that should be optional and not by default. Also, no need for historical print images. I'm more inclined to say that this is due to Lazy Programmer Syndrome, "I'm just going to include everything just in case and it takes too much time do determine what's REALLY needed" than actual nefarious evil intent.

Thanks!

Yes the one I went through is not the dumped memory, it is a decrypted log. The full 3MF exists on the file dump and we believe that whole gcode folder is just the uncompressed 3mf file split up.
Dude thanks for that whole dive into it more, as my day job is definitely not linux stuff. I think Hanlon's Razor is best appropriate here. And the X1Plus guys seem to agree. That likely this was outsourced to someone/team and they never bothered to turn off the extra logging for the testing purposes.

@@3DMusketeers Agreed

We made sure to show everything, not just what we had issues with, that is how this is a fair showing of the logs and not sensationalized BS lol.

I didnt notice anything in terms of patterns. Likely I was using the wrong program to view, but the right one is unknown to me

email me if you would like and you can help there. I cant code worth a damn lol

Running file most likely will result in data or binary file. You can just disassemble or use strings or the hex editor for further analyze. If it's encoded or encrypted, then you most likely need to reverse engineer the Bambu firmware to decode/decrypt the file.

I will ask the X1Plus guys if they can help

The bin files are scan data used by the “AI” checking for first layer defects.

Alas we cant dig into those at this time. It is not my skillset. I am the guy that is happy to report it though

Absolutely. Thank you

Thanks sir!

that's why the pictures don't surprise me. In fact I half expected video. lol

What you see is the machine log file generated to be uploaded to Bambu when a user clicks the log export button.
My machine was attempting to make connections to servers according to the log file and was cleared, somehow, to upload data as well. This is covered in the video.

@@3DMusketeersdid you have lan mode set ? attempting to dial home in lan mode is something I am sure a lot of people would want to know.

I had wifi turned off completely. It was STILL trying to phone home.

I have really enjoyed my build EXCEPT for the belt routing lol

@@3DMusketeers Zombie Get in the stream! Grant needs help with the Front idler belt routing

LOL. It was a disaster!! My way was the right way and I stand by that ha ha ha

​@@3DMusketeerswish me luck then... in March!

Yeah, I think I’m gonna go ahead and reach out to cancel my AMS order… probably better to put that money towards a Voron as well. Even that Prusa XL is starting to look pretty good again.

Alas, this is what I expect from the consumer mindset. But, my dear friend, I would pose this to you: If data has no value why would a company collect it? Dont give it away for free :) Be safe buddy! I know your use case is different than most!

@@3DMusketeers I see your point. But personally, I like using the cloud, being able to pull up the Bambu Handy app to view the status of my print while out and about is useful to me. So that's a tradeoff I'm willing to accept. But I can see how this could be a concern for others. But I also feel that it is important to know what they are logging, and you've been able to show us that. And now people can make a more informed decision as to how they wish to run their machines. P.S. Sorry I missed the live stream. I was a little busy this morning. 😁

I get your use case, because I know it. Some will be willing to, others wont. I believe the education side of it is what is important. Bambu said to just trust us. We have proven that is not what one should do.

intellectual property has never been something the CCCP respects...just saying... ever read the EUA for ticktok? NEVER install that on ANY of your devices! EVER! Any company from china is not to be trusted due to their "unavoidable" full disclosure of every aspect of their business with the cccp. No. It's not a conspiracy theory...it's the truth. I thank 3D Musketeers for exposing this. Good on ya!

Absolutely!

Thank you!

thank you!

No, actually.. I'm not sure if it would. Those links are to an AWS server in US West. So unlikely. It's more likely they expired as links but are still present.

Here's hoping it lives up to expectations!

These are the logs that are exported from the machine when you tell it to do it.
I have given up reading the Privacy agreements for Creality. It is a waste of time just to get mad lol.

The problem is that until the video you didn't know what you were sending to Bambu Lab because the log files are normally stored in encrypted form. If the log files were stored in plain text, then you could take a look at them in advance and see if there is anything in there that contains private information.

From a US company, and cheap, no chance. Us labor is so much more. Some compromises will need to be made.

@@3DMusketeers what’s considered cheap? I’m willing to pay for a great printer.

you are going to spend a lot of money these days for USA made.. I think the Prusa XL is a great choice, but not made in the usa.

No references to klipper or Marlin that we could find.

indeed

Doesn't the A1 have a privacy slider for the camera?

@@the_realist_John_Doe You won't always have it on especially if you want to use the camera

So what exactly do you think is being displayed in Bambu Studio in the timelapse section before you download the video?

@@the_realist_John_Doe Yes, but it primarily acts as a diffuser for the light. It is therefore only milky but not opaque. Cameras on laptops, for example, are usually covered with a black piece of plastic or are disconnected from the power supply. On my Think Pad, the camera is moved behind a cover with a slider.

Yep. It's all logged. It's plain text though. Being based off of Prusa slicer it's nothing too bad, but since we found orca slicer and use stealth mode for it, we never looked back to Bambu Studio.

:/

Yeah..imagine if you're in Texas or somthing and someone sees what you have going on and reaches out to you to do some sweet r and d parts. You print them and then 8 months later they show up on ali. Oof. Good way to get yourself in trouble.

Possible, yes, but since I'm running stock firmware with a rooted machine using X1P and it's before they are working with Bambu, it's not likely. Being a small team, they have no agenda.

Maybe because it is actually what is in the files and you really cannot refute a fact lol

never connect it online. is it enough? I dont know. Never connecting it and never sending a log is how you avoid data being taken. Oh, and use Orca Slicer on stealth mode

Lan mode just allow you send files to printer directly with out going through the cloud but the printer is still connected to a network that has access to the Internet.

It will be fully open sourced when it is released, there is no need.

AFAIK - correct me if I am wrong - the X1Plus firmware delegates to the underlying functions of the original firmware. It acts as a kind of facade to add functionality and provide an alternative UI. Thus, the log file will also be created and sent to Bambu Lab whenever the user asks for.

@@stal1963That is my understanding as well

This is literally the log file that you send to Bambu. It's exactly what the machine exports.

You just answered his question, it's the log file that YOU send to tech support, and not something that is sent on it's own, lol. I see you're in full damage-control mode and hiding any comments that pushback on your theories, lol.

@@heffe2001 I answered it in the video too...
But yes, we are removing comments that are just rude to be rude, per the description. If someone is just being rude for no reason, their comment will go away. If they are being critical, that is fine, but be nice, and be factual where you can. Attacking people because you disagree with what is shown will not be tolerated.

@@3DMusketeersYou realize that the lion-share of the things you found are just normal linux logs, or things that would be necessary for support to actually help you with an issue, right? I mean, even klipper & an obico local install keeps a ton of info similar to what was shown in the video. People have been collecting wireshark logs on these printers for months, with zero evidence of the printers sending anything on their own..

@@heffe2001 Yes I am. We left all that in there for full transparency spec. Only a few things we found give me any cause for concern, but it is enough for me to have problems and I think that anyone who reads the Bambu blog about what they do and dont do in the logs would also have some cause for concern.
But, than again, people may not, I dont know.. We expected many to say they dont care, in fact I had a whole section on this in the video, however we cut it because it was WAYYY too much opinion lol. Clearly we should have left some of that in it seems. We are learning..

I am not aware. Safest bet, right now, is to run offline, using Orca in stealth mode.

Mine has never and will never be network connected

I have been eyeing those.. they look like great value

oh dang, did I miss seeing that?? sorry! OOPS

Unfortunately we wont be digging into the handy app. We wont be risking the privacy of our clients for that. Someone else will have to do it. Maybe you? I dont know :)

​@@3DMusketeersthere keyword "privacy of clients" everyone defending Bambu keep comparing their personal data from Facebook, Google etc. they don't seem to understand that is more at stake than their person data. I don't think they realize legal ramifications that can happen due to clients data/designs getting leak to a 3rd party

If this was all in a plain format this video would not need to exist. Because nothing would be secret

They are stored encrypted because it's easier to encrypt one log at a time as it's being written than it is to encrypt everything at the same time to send it off, as 3D Musketeers would also complain if the logs were not encrypted when being sent off.

I dont have an issue with the encryption, I have an issue with the hiding behind the encryption and giving users false information. I just want the truth. That seems to upset people. Which gives me cause for concern for what they care more about..

@@flat_stickproductions209 Encrypting something during transportation is not a big problem. Your comment was encrypted when you sent it and decrypted again when it landed on the TH-cam server. In the same way, the content of this page and the video are transmitted in encrypted form and your browser decrypts the whole thing in real time. So it would be no problem to encrypt the logs in real time when you send them to Bambu Lab.

@@andreas.grundler it's different when you have a 3d printer running on a potato vs an i9 machine.

not a bad way to look at it, but it is safe to assume if you Bambu is online, they have 100% control over it if they want

@@3DMusketeers that does seem like a valid assumption and something to think about more.

for sure,. but given our machine is offline, its not something we can dig into alas

@@3DMusketeers Well, they did cause their printers around the world to start printing a model in a big goof So they can push prints I'd guess they can push firmware updates but can they pull logs and other files on the printers

Yup the hate is rolling in unfortunately, Much by those who clearly are not watching.
Your comment on pro vs hobby is exactly what I expect from the community (and thats fine) I actually talked about it for a bit in this take but we took it out because its more opinion than fact lol.
I too respect what Bambu has done in awakening the race to other things than the bottom for pricing, and that is great, but they have hid behind these logs, claiming, now proven inaccurate, that the machines dont do things we can clearly see them doing. I agree, it is sad people dont care about privacy, or claim they dont, but those same people would tell the police to come back with a warrant, they close their blinds, and they wear clothes lol.. While I get it is not an all or nothing thing, they definitely talk like it is :/

When the company says you're not uploading your print files in the log though, and we find clearly you are, there's an issue.

I am not aware of any, but that does not mean they do not exist.

hmm, it should be possible. I have it off on mine.

Thank you

At least prusa lets you see exactly what you are sending, so you can decide. They are bound by EU laws which are much more strict. Creality has shown before to not be trusted, so I would not ever risk putting a creality machine online.

@@3DMusketeerstechnically, Bambu are bound by EU laws too if they sell their products in the EU. Maybe the right people will take note of this video.

@@3DMusketeers I assumed as much, I just don't know what a normal amount of info being sent over is. If you could make a video about that that would be awesome! That's all I'm saying with my message lol

by prusa or bambu or who? Because our machines must stay offline, I amy not be the one to do that video alas.

X1Plus.

X1Plus can run lan only with a shield, so its impossible for the machine to upload anything. But I still wont put my machine online.

No one printing parts that are sensitive are going to use this. Soon as you connect it to the network IT will disabled it and remove it.

@@user-jy8ud6bt5k Agree. I would not even consider this for a business, but as a hobbyist, it is not important. really want to use the new X1Plus which should fix the problem for everyone.

Most other companies that we have seen logging let you view it in plain text and allow you to turn it off.

That one I do not know.

​@@3DMusketeersThen test that.. Rename a plate to something else in your slicer (they're blank by default), add a 2nd plate, call it something else, and drop a benchy on it. Really not too difficult to figure that one out.

it does not. they are all plate 1 from what I see

Yes. If you have multiple plates in a project, and print only plate "3", the gcode filename will be "plate3.gcode". We have seen this as well.

@@AlAmantea Never something we tested, we normally only send one plate at a time. And it is done always via SD

It's possible. Only way to tell would be to get a new printer and do a series of tests.

I believe they are working on a better logging solution with Bambu. I think one may ALREADY be out, but I dont have that firmware to test yet.

Thanks for the support, glad you enjoyed it!!

It does, yes, but it is based on prusaslicer so you can view all that.
it is why we recommend orca on stealth mode.

It's like they were caught doing it in their old company and subsequently banned from doing business with the US govt....

So far we have really liked the Qidi lineup, but I can now be public about the Magneto X... and just sayin, it is that.. Yes it is more pricey but holy hell its nice.

I have been enjoying my qidi x max 3 but I've only owned it for about a week so take that fwiw. Qidi gives you a heated chamber too which the bambu does not

I have been looking into Qidi too. I like X-Max-3. Cheap too, if one can live without multi color. Haven’t heard of the Magneto X. Will look into it. Thank’s!

​@@johnhansson8646some people are working on an open source spool changer so you might not have to give it up after all

The Magneto X looks awesome. Too bad it can’t be ordered currently. The price is a bit steep too… Not too bad though. If I could have ordered one I probably would have 😀

I never connected my machine to wifi, so no, I do not, but I never connected it, so it would not have that anyways.

@@3DMusketeers ah your other video suggested network connection information, was hoping it was elaborated on/found in this video

The confirmation of the ssid info is confirmed from the x1plus team

@@3DMusketeers ssid and password was being uploaded to the Cloud/AWS?!
Or just stored local on the machine and never referenced in Cloud uploads?

I cannot confirm that at this time since I won't be putting my machine online. X1Plus will be available soon and you're welcome to check then. Don't forget, there has been a great deal of time between those 2 videos and Bambu has been changing things

LOL that one was funny though...
For those that dont understand this comment, it was something that happened in the discord.

correct, the P1P would see a lot more too. However, we are unaware of the level of logging in those machines

@@3DMusketeers valid since your testing was only on X1C.

And the only logs we can decrypt, currently, are the X1 series.

Yes I would have to send that log in. I have had multiple occasions where the log was required for them to help me and in fact is what led to me returning my second machine

@@3DMusketeers I am guessing you factory reset the machine before sending it back. Does it actually delete the log(s) on factory or do they magically stay after the reset? Not sure if I missed that part or if you tested after a factory reset sorry

@@Unkemp7 We didnt have the ability to see into the logs at that time. So we did not know. It does not appear to be a TRUE factory reset as we would like to see.

Hey, thanks for the $5! greatly appreciated!

I dont mind the SD card forever personally

you can block the printers internet access in your router. thats what I did. and: orca slicer in stealth mode :D

@@johannhans678That does not stop the logging.

These files are only sent when you send them to bambu....they are not just given whenever the machine wants to send them. You have to physically at the machine request it to produce this dump and then its only put on the SD card that you manually have to place into your computer and upload after reading all consenting documents on the support page. Multiple air gaps that ensure if you are going to send them they are under your own free will.

Well, to be fair, we didnt analyze the logs in this video, we just showed you, but yes SO MUCH WORK went into this.

yep, pretty much

the other thing a lot of people are glossing over is the company is basically DJI (all the top staff are DJI) which has a known history of this kind of stuff. Quite frankly with how heavily this thing is being marketed and pushed I would speculate its a CCP front subsidized to corner the market and steal IP. But I am the tin foil hat typw

Hope you enjoyed!

If you have not updated past 1.7.0 you can install X1P and get it all. Once they open up, I am sure there will be a way.

>reduced
Just buy an Ender 3.

Naw get a Voron.

Not being knowledgeable for GDPR I do not know.

GDPR relates to any kind of information that can be used to identify an individual. Too much to cover in detail here, but basically no such data is allowed to be stored without the explicit consent of the person at hand. It also states the right to request access to the material that has been stored about you, the right to request that stored information is deleted and a lot more. So if the collected information can be used to identify someone, then BL is in deep water.

100% it can. Mind you though, the machine knows where it is in the world, so they may have different settings in the EU, it will take users to install X1P to find out.

@@3DMusketeers Prove it - that would be a video worth watching. I don't own bambu stuff, but i'd totally volunteer a log :D

I mean, I cant, because I am not in the EU.. it will take someone over there to find out.

Nope, this is actually what's uploaded. This is a whole log

Does the video seem dramatic?
The lighting is so nothing in my background was visible, so no one could sit and say WELL THIS COMPANY OF SO AND SO MUST HAVE PUT YOU UP TO THIS or something. It was done to block out the printers in my background lol.
If you would share you external IP, your MAC address, and exactly what you are printing with everyone, I welcome you to comment with it below. Do note, links wont work in the comments because of how YT works, so do not bother linking the files. Instead, toss all your print settings, where you got the models and their names. That should be sufficient.
You perceive low hassle but miss as to why the price is so low. Remember, data has a value. You should make sure the data you give you are getting paid for. Mind you, the X1CC is what, around $1600 all in shipped? I think mine was like 1583 and change
You may not have issues with what is being sent, and that is clearly a different talk all about privacy, but you can at least understand the overall points: The bulk is normal, but overzealous, logging. A machine that was 100% offline is somehow authorized to cloud upload without granting such access. A machine that is 100% offline attempted to make connection to a cloud server a few times with some 3MF files. User print data is present within the logs. These are all things Bambu says that their machine do not do. Those are all causes for concern.

@3DMusketeers to me, yes, it did seem dramatic. I truly was glued to the monitor, thinking they were recording your voice or had pictures of you in your house...no sarcasm, I thought that's what you were building up to. This seems very similar to the privacy issues that Eufy ran into a few yrs ago and patched in a short period of time. I hope Bambu finds a solution to this issue. Unfortunately, it appears others are following suit with cloud solutions. You never pointed me in a direction of a color high speed printer in a reasonable price range. I've been running my Anet A6 for 9yrs now and was so excited to upgrade. Now I'm going to wait and see how Bambu responds. And no I wouldn't post my IP, I'll concedethat.

Okay, this is an honest question I ask with pure intentions: what could I have done to remove all branding behind me (even though it's unintentional) without doing what I did? Removing the machines is more work than you may think..
As for a cheap multi color printer, there's not much. I don't mind them being expensive, because multicolor this way is incredibly wasteful and most don't seem to care about that.
The new phrozen printer seems to be a dead Bambu clone so we will see how that comes out I guess!

​@@3DMusketeersI never felt like you had an agenda. It was the great lengths you went to prove you didn't have an agenda that made it feel so serius....and I get it is. This is your life, those prints they are trying to upload are you hard labor and an NDA violation. But I'm just an electrician trying to milk out a 9yr old Anet A6 until I can get into high speed and color printing machine. I really hoped the A1 was it. I print trinkets for my daughter and parts for my drones or workshop. Spending $1400 for Prusa that does color makes no sense for me. I'm not dismissing you in fact because of your video I'm going to wait and see before I make a decision. Hopefully BBL will allow people to opt out of this stuff for people like you. I would be willing to let them look at my prints to improve the printer. I'm still hopeful that I can get into this machine or something similar this year some time. Maybe you could do a show on "Bambo A1 competitors to consider"...just a thought.

Dude, the previous videos we have had people just rail me on every stupid thing they could.. So I took it all out lol. I guess if you dont have that context, this is an odd video.. hmm How to ride the line I guess by removing as much ammo for the fanboys but still keep the general look and feel. That is one I will have to think about.
The A1 is a fire hazard, so I would frankly recommend an Ender 3 before this. Literally any modern printer would be a better option at this point.
I think the desire for color is what will shoehorn you into only a few brands. Previous to this, if you wanted multi color you were doing it by layer, painting the models, or spending 70k+ on a true full color machine (like we did).

In the credit of Bambu, it is Chinese New Year celebration right now and everyone is on vacation, so I would give it a couple more weeks minimum. Bad time of the year.

It has made rounds but you are welcome to post where you would like :)

A custom community firmware for the X1 series. We did a video on it, linked in the description.

Yeah, its what we all kind of knew but didnt know until we got into it, now we do.

dont forget the info we had to redact, like IP's, MAC addresses, etc.
Not being familiar with Formlabs on the logging side, do they require a log for service?

⁠@@3DMusketeersI’m not that technical that I know what information they can extract from my ip or MAC address.
Regarding formlabs, the yes - they do require you upload a log file for service or trouble shooting.
At least for their form 2 and fuse 1.

I guess we would have to see what is in the formlabs logs to see if they are as problematic. They could be more specific and not giving out info like what is being printed. I would figure Formlabs's clientele would require this

​@@3DMusketeersthey would get your IP and MAC when you upload the file and connect to their server. They already have it when you use Handy.

but see, I dont. Never have, never will.

shame really...

I dont know how extreme that really is. We know Bambu has some level of control over the machines for sure.

dont worry, we will moderate the comments. No shenanigans here.

Well a lot of them are so loyal they defend the A1 fire hazard

​@@elchavode6479lol that's true

yeah :/

​@elchavode6479 Name one other company that has ever done a massive recall like they did with the A1. Creality has been known to cut corners and have melted wires, yet they would deem it user error or just fix it on a different version. 🤣. At least Bambu made the right decision to recall and also give and extra credit to users. 🤷‍♂️

We have a cr30.. I need to get it running. It was bought in a questionable state

Glad i bought x1c so sick of elegoo, for no reason nozzle drags over previous layer.... Fixed Gantry level, perfect esteps, perfect flow super smooth surface but still ...

@@sebastiann9279 How's their Saturns? I've heard great things about them.

I love my Elegoo resin printers. We have some saturns, mars's and Jupiters. All work great. Had some shipping issues with the Jupiter's but they are taking care of it when they get back

Unless you are required to send a log for support. Then no, there is no way. You can't stop the logging, not to my knowledge. Mind you, some of it is fine and good and likely quite helpful, but it all being together isn't my cup of tea.

unfortunately

That one you would have to ask a lawyer about

I would not know, but could generally assume yes. Driving a 22 year old car, it's not communicating crap back to the dealer LOL

Thanks lol

it is.

I thought the same thing. Like do a 1 for 1 hash comparison between them... See if there's any hidden aspects that are disguised as GCode...
I'm thinking there's so much more that could be going out over the network if this is the stuff that is EASY to find.

Nothing we could find was different from that gcode file and the one we pulled from the 3mf

They are not.

You got it. Not only do they not care they are making excuses for it. The facts are in front of them and they can't see it. They say I'm biased some how in this video that I use a bad tone. Like, bro, it's the most monotone I get. I spent over 6 hours just filming this to get good takes with no emotion lol.
It's frustrating, because I was hoping they would at least be open to seeing exactly what's in there. Instead they stick on NEEDING to see what I've obscured because somehow they feel it will make things better and not worse.
It's why I urged people to do their own digging.
Ugh.. sorry. I'm just frustrated already and it's only 8am. I'm going to have a good day but the level of people here apologizing for Bambu saying nothing is amiss is a huge issue

Not a big deal for me. I print and sell files from Patreon subscriptions. I don't work on NDA stuff for people. If you require a printer in an isolated environment I get it, but there are printers out there that cost more money and give you those capabilities. Or you could go cheaper and tinker more with your prints to get them to an acceptable level.
These printers are at a great price point for both consumer and business and produce quality parts. I have over 10,000 print hours on my Bambu machines and they work flawlessly.
I'm curious what percentage of Bambu users actually find this to be a problem as well. What percentage of Bambu users use these for business purposes strictly with projects under an NDA. Often ITAR is mentioned in Grants videos, but I would be surprised anyone uses Bambu for ITAR situations with all of the legal ramifications.

The average user likely wont care. That is a whole different conversation as to how people have been trained to not care about something companies clearly do.
Websites can collect data, but not on this level. This is reading lots of sensor data from the machine.
LAN Mode, nor SD only (Which is what I use) does NOT stop the logging, this occurs regardless.
I dont disagree that the price is right, but lets look at the value of the data. Now, we have nothing to suggest, at this time, that Bambu is doing anything nefarious with it, however it is certainly more than what is minimally required. Hanlon's Razor comes to mind here..
I would bet, given how popular these machines are, that many businesses use them, and those who arent read up on ITAR may make the mistake. But lets think about the 2a people, printing pewpews which upload a log to Bambu. That's a paddlin that Cody Wilson learned about first hand.

​@@3DMusketeers2a guys are uploading directly to MakerWorld.
Anyone involved with ITAR will have a security manager who is well read, I held that job for a couple years.

Some will, others wont. You would be surprised the small businesses we encounter that do ITAR work and have no idea on the significance.

@@3DMusketeersI don't disagree that if all of this data is sent to them automatically, it could be a bit much. You had said this was when you exported the logs. Is this 100% what gets sent to their servers? I thought I saw somewhere recently that some logs get sent, but if you contact support, they do ask for you to upload the logs. If they already had them, it doesn't seem like they would want to waste that extra bandwidth. I'm not hardcore on either side, but I just like to be an observer of these topics and chime in where I can lol.
I believe with like ITAR situations a lot of companies could potentially drop the ball. For example, Microsoft has no certification for ITAR compliance unless you upgrade to a special Azure license I believe. SO much stuff goes into that compliance.

Whistle blower? that is laughable. I spent almost a decade working in China and Taiwan consulting for technology companies. There is a reason why Apple does not flash the firmware on any of their devices manufactured in China and shipped them out of country to be flashed. there is no respect for data privacy. In addition all data collected by companies has to be stored indefinitely and provided to the CCP, that is the law and there are no protections for the consumer. There have been tons of documented cases of IP theft in China, so if you are printing anything on a Bambu, you have to make the assumption that there is the possibility of your design being stolen. China has invested heavily in data sorting and it is trivial to find a needle in a hey stack. I have always said if you are just printing objects you find on the internet or toothbrush holders, a Bambu is a great printer. If you are prototyping or making parts for your assembly line, Bambu would be the last printer I would choose.

If you are on their cloud, assume they have 100% control over your machine.
My machine is 100% offline, never has been online, never will be. The fact it says it is authorized to upload data to the cloud and was actively trying to access cloud servers is a huge issue.
I have my timelapses turned off, but photos are definitely in there, so it is possible I would think.
The logs are accessible by anyone with X1Plus which should be released shortly.
As a hobbyist as well, maybe my profession makes me more susceptible to seeing data privacy issues, but me personally, my data has value, as yours does. I aint giving it for free. Will the average consumer care? prolly not. but why is a whole different conversation

@@MrKornnugget Sure they can sort through data but to find a needle in a haystack you need to know what a needle is. Even if you had an AI using a combination of keywords and analysis of model geometry you would still have to take the results and figure out what in the world it was supposed to be along with any non 3d printed components that were required to finish the design. And that's assuming that they actually have all the models for the design. It would be like trying to build a jigsaw puzzle without the box for reference and not knowing if you had all the pieces.

@@UbberMapper Let me give you an example of something that recently happened to a company I was consulting with. A Korean firm was bidding on a multi-million dollar project to build a high-rise compound for a goverment project. They sent the models to a 3rd party to build a diorama or mock-up. The models were just the external miniature shells of the buildings. During the bidding process, a competing firm from China under-bid on the project with carbon copies of the Korean firms buildings. Internally the buildings were different, but the unique external design was almost identical. After a year of investigation, they found that the professional 3d printers had a backdoor and moved the models to an unknown IP address outside the firm making the diorama. I am not going to name anyone, because this is all currently wrapped in litigation, but I would never use any printer hooked to a network that has access to the internet and I would not make the job off the CCP easier by giving them access directly to my printer if I was printing anything, anything that was part of confidential IP. Also, any company operating in China has to, by law retain all collected data and provide it to the CCP. There are no protections for any corporate data in China, period.

oooh that one I am not aware of.. email me ;)
I am aware of Creality vs Artec 3D right now, not much else in terms of IP

I am not sure. They have had plenty of updates to this.. Its not like this is their first firmware revision ever.

Yep. But it seems fanboys don't care..
Funny how this video has the lowest average watch time of a video but the highest number of comments ever. It's like.. people came to leave a hate comment then left without watching lol

No, it is the log file. That is what they have. I also showed the dumped log folder in the video, in the beginning where we showed they were similar but different.
The thumbnail images in the gcode are likely just pulled from the 3MF, but just those couple. The photos from the camera are not slicer ones
it uses a spintrol MCU which encrypts on chip.
The machine is Busybox Linux actually. And yes, that is the boot sequence for the machine, you can see some of the little easter eggs from X1P as well.

Because that would have required me knowing what was in it 100% before getting a decrypted log. This, to me, shows how much proprietary data they are actually collecting

The machine knows where it is, so it may have different commands for the EU, but I would urge a user in the EU to do some digging if they can

Extra spicy

Enought time to pick up some popcorn

I'm not sure I want spicy popcorn ...

So what I got from all this is that bambu now has a picture of my weenus. Great….
Add it to list

Lololol. I only saw a preview of this and expected you to be calling ME orwellian here but this is so much better..
Not only for free, you're paying for the opportunity to have it occur!

Thank you for watching! :)

I dont think a fair bit of it is unnecessary for supporting, however, this just shows exactly what is being requested. Now it is on the users to ask why. I have shown you more than you would need to see to wonder exactly why a machine that has been denied cloud access is attempting to get to the cloud, why a company that on record says your logs do not contain your model files, yet they do, and more.

@@3DMusketeers we still aren't sure to be honest. I have sent logs to Bambu and it takes a very long time, much longer than my bandwidth should be. The data may be stripped and parts of the logs sent. We have the logs on your local machine, not the logs on the other side.

What can I do to help make you more sure then? or at least have a better, more informed opinion about it? I dont want to stray too far from facts, for various reasons, but happy to try and discuss more if I can!

absolutely!

We still see evidence of the previous owner's records on this machine including some in the print log. We do not see their photos though, those are all of prints I did.
And yes, it could be sent out by the new owner, especially if they send a log without knowing what is in it. That is why we wanted to do this video.

That’s still pretty scary for a previous owner. As for the rest I find this EXTREMELY disturbing.

thankfully he is cool, I mean, he sold this printer to us (broken) for a great price.

I mean, you should assume any internet connected device is sending some sort of logs.. yes, even your 2d printers.

One correction, it wasn't Zack that did it, it was CNC kitchen I believe, but I know for a fact it wasn't Zack. Otherwise I don't want to speculate too much but it's not unreasonable to assume that Bambu has 100% control over a cloud connected printer.

damn. i was debating if it was cnc or zack, but couldnt remember a german accent when the question was asked lol.
oh i 100% believe they COULD take control over any cloud connected printer.
i honestly think that if i was a mega corp ceo i would probably make some sort of backdoor too. i dont like it, but since everyone has them, you gotta have them.
say tomorrow a t3rr0rist starts making bombs or some shit using your printer. at some point you gotta do something. yk?
naturally, these things will always be abused. like the patriot act and stuff like that.
in a perfect world these things will not be needed, but they should in ours.
HOWEVER, i highly doubt they ever actually remotely took control of a printer or anything. that could cause a huge media (and potentially legal) backlash that could take them to the ground. @@3DMusketeers

We di see machines commanded by the cloud to start print jobs that one time

fr? when? where?@@3DMusketeers

We covered it a while back. It was an issue with their cloud which has some machines start print jobs. I believe they even had a blog post about it.
Tldr, their cloud needed rebooting someone forgot to flush the cache, parts printed. At least that's how I remember it.

Great question.......

Quality control and AI training :p

These are probably detailed diagnostic logs - do we know they're even uploaded to Bambu?

@@coolspot18 This is exactly what is uploaded to Bambu when you send a log file.

I have yes.. Have you heard of companies collecting data when they shouldnt and telling consumers they arent collecting specific data when they are?

I have. Can you point out exactly in their terms of service any violation whatsoever? Not saying they didn't, but you give no conclusive evidence at all. What do you expect from any product or service that makes use of a cloud connected app? I understand that you don't have to use the app if you elect not to. So if you don't and you're not connected to the internet as you say, they you're sharing absolutely nothing with Bambu. I'm certainly not defending them, or you for that matter. But if you understand how any as a service model works - whether you're paying a subscription fee or not, this is no different than any of those. Why don't you reach out directly to Bambu for an explanation?

This video was strictly showing what was in the logs. If you are okay with your information being tracked and logged, including photos, without your consent, and directly against what Bambu publicly stated, that is on you.
We have, they have even called me out in a blog post, which sparked this video, which is the response, in full public view.