AM SoftwareOpen Source

OctoPrint addresses security concerns with safe remote 3D printer access guide

The ISC recently reported that thousands of OctoPrint interfaces were publicly facing the internet.

Despite the fear mongering surrounding 3D printed guns that has dominated most 3D printing-related discourse in the mainstream media lately, there are certain, much more real and immediate safety concerns within additive manufacturing. As the Internet Storm Center (ISC) recently reported, one of those concerns comes from users of 3D printer monitoring software OctoPrint.

According to the report, over three thousand OctoPrint interfaces are currently publicly facing the internet, meaning they are at risk for IP theft or leaks of 3D printable files, compromised 3D models and even of having their webcams hacked.

Thankfully, it’s not necessary to stop using the open source 3D printing remote access software, only to use it with more precautions. In response to the report, OctoPrint recently published a guide to keeping your private information and 3D printing files safe while using the popular tool.

It reads:

“Putting OctoPrint onto the public internet is a terrible idea, and I really can’t emphasize that enough. Let’s think about this for a moment, or two, or even three. OctoPrint is connected to a printer, complete with motors and heaters. If some hacker somewhere wanted to do some damage, they could. Most printers can have their firmware flashed over USB. So as soon as the box hosting OctoPrint is comprimised, there go any failsafes built into the firmware. All one would have to do, is flash a new, malicious firmware with no safeguards, over USB, and then tell the printer to keep heating, leading to catastrophic failure. Of course there are other reasons to not have an OctoPrint instance available on the public internet, such as sensitive data theft, but catastrophic failure is by far the worst case scenario here.”

The post goes on to describe a number of ways to users can remotely monitor their 3D prints using OctoPrint without putting the program on the public internet. The easy way, it says, is to use plugins, such as Polar Cloud, OctoPrint Anywhere, OctoPrint-DiscordRemote and Telegram.

“Remote access via a plugin is certainly the easiest way for you to access your instance and control/monitor your printer,” the post reads. “Unless you really know what you’re doing, this is very likely the method that you’re going to want to be using. There are a few different options available that accomplish remote access, without opening up OctoPrint to the rest of the world.”

OctoPrint

More advanced users can also protect OctoPrint from abuse using advanced access methods, including VPNs and Reverse Proxy. If one of these workarounds is used, guest author [Jubaleth] recommends putting the VPN or Reverse Proxy onto a separate physical box connected to the 3D printer.

“All in all, there are many ways one can safely access an OctoPrint instance remotely, that do not involve blindly forwarding ports on your router and putting yourself at risk,” the post concludes. “Anything with the potential to burn down your house should be treated with the utmost care. It may seem more convenient to cut corners… but is it really worth it?”

Tags

Tess Boissonneault

Tess Boissonneault moved from her home of Montreal, Canada to the Netherlands in 2014 to pursue a master’s degree in Media Studies at the University of Amsterdam. It was during her time in Amsterdam that she became acquainted with 3D printing technology and began writing for a local additive manufacturing news platform. Now based in France, Tess has over two and a half years experience writing, editing and publishing additive manufacturing content with a particular interest in women working within the industry. She is an avid follower of the ever-evolving AM industry.

Related Articles

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy.

Privacy Settings saved!
Privacy Settings

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. Control your personal Cookie Services here.

These cookies are necessary for the website to function and cannot be switched off in our systems.

In order to use this website we use the following technically required cookies
  • PHPSESSID
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

Decline all Services
Accept all Services
Close
Close

STAY AHEAD

OF THE CURVE

Join industry leaders and receive the latest insights on what really matters in AM!

This information will never be shared with 3rd parties

I’ve read and accept the privacy policy.*

WELCOME ON BOARD!