• jesta@lemmy.world
    link
    fedilink
    English
    arrow-up
    28
    ·
    8 months ago

    You should blame anycubic for their mqtt server which allows any valid credential to connect and control your printer via the matt API. Let’s just hope anycubic fixes their mqtt server.

    Well that’s smart…

    • RamblingPanda@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      6
      ·
      8 months ago

      I’m by no means a security specialist. But shit like this is the first thing I look for when I implement something. And then I organize a penetration test.

  • hollyberries@programming.dev
    link
    fedilink
    English
    arrow-up
    23
    ·
    8 months ago

    Buying a proprietary 3D printer with internet connectivity. What could possibly go wrong?

    Going by the linked forum post, Anycubic has been aware of it for two months. Any competent FOSS project would have nipped that in the bud on the same day it was discovered. Incredible.

  • SzethFriendOfNimi@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    edit-2
    8 months ago

    And bad actors could really do some damage if they can put a gcode file that is then printed

    Maybe it crashes the head to damage it… or runs the extruder or bed at high temps outside what should be safely printed