
There’s a massive controversy happening around Bambu Lab’s surprise announcement of a firmware change.
Their original announcement described the introduction of “Bambu Connect”, a new app that is designed to provide the interface to their printers. This is intended to replace the functionality of their previous network API that allowed apps to interact with the devices. Bambu Lab explained:
“As part of our ongoing commitment to enhance the overall security of our products, we are introducing an authorization and authentication protection mechanism for the connection and control of Bambu Lab 3D printers. This step is a significant security enhancement to ensure only authorized access and operations are permitted.”
The idea is that they believe “authorization” is required for these specific operations:
- Binding and unbinding the printer
- Initiating remote video access
- Performing firmware upgrades
- Initiating a print job (via LAN or cloud mode)
- Controlling motion system, temperature, fans, AMS settings, calibrations, etc.
Possible Issues
At first, this seems reasonable: let’s introduce some additional security features. This is not so surprising, as there have been several incidents where devices have seemingly been mixed up on their cloud system.
However, at second glance, the new implementation appears to have a number of issues that don’t sit well with some Bambu Lab operators.

One issue is that if you’re using a third-party slicer that previously directly connected to the 3D printers, such as OrcaSlicer, the workflow is changed. The GCODE will have to be first sent to Bambu Connect, where authorization takes place, and then sent on to the printer by Bambu Connect. If you’re using Bambu Handy or BambuStudio, these will automatically integrate Bambu Connect and operations will be unchanged.
The second perceived issue is that Bambu Connect provides authorization, and that may conflict with those operators using the equipment in LAN mode. LAN mode is intended for organizations that do not want any data leaving the site, and not involving Bambu Lab’s cloud servers. There are many organizations that do not want any data transferred offsite, and this has been in “LAN Mode”, where PC to printer communications remain solely on the LAN.
These affect operators in different ways, depending on what you’re doing. If you use the Bambu Lab slicing software, then there’s really no impact. If you’re using third-party slicers and other software that depends on the previous API, then workflows have to now include Bambu Connect.
If you operate a 3D print farm with many devices controlled by third-party software, this could be a very big deal. Bambu Connect doesn’t seem to be automated, so this could require farm operators to hit “print” in Bambu Connect over and over and over. Could this firmware change break farm software tools?
Community Response
The result of all these changes has been a massive negative response from the online Bambu Lab community, with countless individuals now declaring that they will no longer purchase Bambu Lab equipment. Bambu Lab is now seen by many as no longer friendly to the open 3D print community. It could be that Bambu Lab’s sales could be impacted.
Some extrapolate that these changes are Bambu Lab’s moves towards a fully closed environment where they control every aspect of operating their equipment and collecting all the data.
But what’s really going on? Why would Bambu Lab put forth a change that would generate this negative response? Surely they would have known this would have happened?
Why Bambu Connect?
I believe there is more going on that meets the eye. After quite a bit of reading this past weekend, there are several things at play here.
First, it now appears that the original API had a terrible security design. There were some incidents, as mentioned above, but apparently there were also signs of a large-scale attack being planned due to patterns of activity detected on their cloud.
If I were managing Bambu Lab, I would be extremely concerned about such an attack. Imagine if hundreds or thousands of Bambu Lab devices suddenly went rogue — or all of them. Regardless of whether the machines were damaged or just harmlessly interfered with, that would create a similarly negative response with buyers. If the attack caused damage, say, starting a fire, it would be far worse, perhaps even fatal for the company.
Clearly, Bambu Lab had to change their security architecture, and they chose to implement Bambu Connect. Their implementation seems rushed, as they don’t have all the pieces quite ready yet. For example, they are still working with the OrcaSlicer project team to integrate Bambu Connect. This suggests some urgency to get it out as soon as possible, hinting that there might be something bad expected soon.
Regarding the LAN mode connection requirement, this turns out to be entirely false. Bambu Lab later issued a statement clarifying the authorization requirements for Bambu Connect in LAN mode:
“Through our new Bambu Connect platform, we’re creating a secure bridge that allows continued use of popular third-party software like OrcaSlicer, both in cloud and LAN modes – the latter requiring neither internet access nor a user account.”
Here is their flowchart for how they expect OrcaSlicer to work, in both Cloud and LAN mode. Note that in LAN mode, there is no connection to the cloud:

It appears that the community has assumed there was a requirement to connect to Bambu Lab when in LAN mode with the new firmware, but that is apparently not the case, according to Bambu Lab’s update. Their clarification may have a hard time getting past the dozens of YouTube videos and discussion threads saying the opposite. Even after clarifications were published, I am still seeing many people declare Bambu Lab as “evil”.
Print Farm Effects
That said, there is still the workflow change problem, which will be most acute for farm operators. Bambu Lab does not offer print farm software, so any farms using Bambu Lab equipment by definition are using third-party solutions.
These will have to be changed in some yet-to-be-determined manner in order to use the new firmware. As an example, here is a message sent to AutoFarm3D customers by 3DQue:
“We have had discussions with Bambu Lab in the past and are awaiting further details on their authorized partner program to ensure a seamless experience for AF3D users.
In order to continue using AutoFarm3D and maintain secure offline access to your print farm,our recommendation at this time is to refrain from upgrading to X1C firmware version 01.08.03.00. If you are a Bambu Lab Beta tester, you can roll back to firmware version01.08.02.00.
Rest assured, we’re closely monitoring the situation and will continue to keep you informed.”
This is likely the case for all of the third-party software developers that have previously used the Bambu Lab network connection API. In other words, wait for an update from them.
Bambu Lab wrote:
“Print farm operators and software developers interested in integration can work directly with Bambu Lab to implement proper authorization controls. We welcome partnerships with companies developing legitimate accessories and software for Bambu Lab printers.”
There are rumours that Bambu Lab is developing its own farm software, and one source claimed to have seen indications of tiered fees for different sizes of farms. This is not surprising, that’s how commercial farm software works, including 3DQue, for example.
Bambu Lab Clarification
Bambu Lab then released a very lengthy clarification statement on their blog, which added one interesting change. They intend to add a “developer mode”, where operators assume responsibility for their own security and can continue to use the earlier network protocols.
Otherwise they haven’t changed anything from the original announcement, as far as I can tell. It seems to me that their original announcement could have included more details to address these concerns, and this has resulted in negative sentiment. There are now dozens of videos, posts, and even hashtags based on misinformation.
This is an evolving situation, and there will be more updates this week.