Howdy, folks!
I’m teetering on the brink of connecting my Sovol3D S06 ACE to my wireless network, but I’m pausing because this device can make physical real-world actions like:
- record photos and videos using its built-in camera
- shaking so much that it manages to knock itself on the floor
- melting so much plastic that it dribbles all over itself and then all over everything around and beneath it
- consume lots of electricity and cost me a fortune on my utilities bill
- burn the house down
None of this happens in normal usage, of course, but watching it self-calibrate did make me wonder:
- how safe the firmware is?
- is it retrieving instructions from Sovol3D or some other party by itself?
- is it sending records of my print jobs to a 3rd party?
- is it sending photos and videos to a 3rd party?
- how safe the firmware is once its receiving arbitrary network traffic?
All IPv4 traffic from the internet goes through a NAT/firewall that I conceivable control, but my devices all get public-facing IPv6 addresses, and the default SSH password on all of these printers is publicly-documented
It looks like the Sovol3D S06 ACE firmware is https://www.klipper3d.org/ + https://www.obico.io/ + some unknown amount of stuff that Sovol3D adds on top, and it doesn’t seem like they’ve kept the public source code up-to-date: https://github.com/Sovol3d/SV06-ACE
I do already self-host https://www.home-assistant.io/ and plan to integrate the 3D printer with it, avoiding any cloud behaviour as much as possible, but I’m wondering if anyone else has already done this and has any advice on what to avoid?
Cheers! <3
Factually wrong. You can do a NAT rule to force it to whatever NTP you want. If you own the network, you can route the packets however you like.
Example from my opnsense config:
Nothing leaves my network on port 123 unless it’s my own timeserver serving a response to an external request. (I actually have a proper GPS-based time server, but nothing stops you from just having a normal linux host as a timeserver or something this way either).
I do the same thing with DNS. Force all port 53 and 853 traffic to my own DNS servers. And have a wide firewall block rule for any known DoH servers.
Fair enough, I should have said that there’s no other built-in way to set the time on them.
I work with 3d printers in a school that uses its own NTP server and blocks other requests. The only way I managed to set the time on the machines sort of using a raspberry pi or something, was to connect them to my phone’s hotspot.
Ask the admins to setup the NAT rule.
But yeah, ultimately it’s a pretty poor decision on Prusa’s part to make it hardcoded. I didn’t even realize my mk4 doesn’t allow manually setting the time. I wonder if anyone has brought it up on the firmware repo.
I have DHCP announcing the NTP server, I haven’t seen my prusa attempt to talk outside of my network. But I do see a boatload of IoT stuff ignore my local NTP all the time. Very frustrating.
I’ve opened an issue asking for a manual offline way to set the time, and I saw another one asking for a DHCP option.
I’ve tried asking the admins, and they were mad I connected the printers to the network to begin with 😅