24 posts tagged with "The Spaghetti Detective Updates"

I have regained my confidence that The Spaghetti Detective app is on pretty solid ground when it comes to security. I take full responsibility for the blunder I made in the process of developing and deploying the auto-discovery feature. Meanwhile, we don't want to have the auto-discovery function disabled forever. It would be the easiest way moving forward, but also the laziest. We know auto-discovery has made it extremely easy for new users to link their printers to The Spaghetti Detective and everyone loved it! We still want to give them a way to do it, and do it securely.

And we found a way!

The original auto-discovery design and implementation​

The Spaghetti Detective had a serious security incident on August 19th. That incident was caused by a mistake I made in the function called "auto-discovery".

This post is to provide an update on what we have done after the incident.

What we did on the day of the incident:​

• Immediately disabled auto-discovery once we found out the vulnerability, about 4.5 hours after it happened.
• Identified and deactivated the 73 printers that were exposed to this vulnerability during those 4.5 hours.
• Sent an email to all The Spaghetti Detective users to disclose this incident.
• Offered all Pro subscribers the option to cancel the subscription and receive a full refund.

What we have done afterward:​

• Had the code base of The Spaghetti Detective app thoroughly audited by a Security Consultant. No other vulnerability is identified.
• Performed vulnerability deep scans using Detectify, which distributed "exploitation scanning" to 30 whitehat hackers. Again nothing showed up.
• Designed, implemented, audited, and thoroughly tested a new way to do auto-discovery. To "have more eyeballs on the code", we have launched a bug bounty program.

We have regained the confidence that The Spaghetti Detective app remains on a pretty solid ground when it comes to security. Meanwhile, we have learned not to take things for granted. We will keep our antenna up for any signs of vulnerability or abuse.

A personal note from Kenneth:​

I was waiting for a shitstorm after I sent the email about the security incident to all The Spaghetti Detective users. The consequence of the incident was serious. Although only 73 users were impacted, it resulted in unauthorized access for at least one user's printer. I didn't expect this kind of blunder to be easily forgiven.

Instead, I was humbled by the kindness and support in the overwhelming responses you folks sent to me. I only did what I should have done: taking responsibility for my own mistake and cleaning up the mess. But you generously showered me with so much love!

At that moment, I felt lucky. Not because I escaped a shitstorm. I felt lucky because I realized I happened to be serving the most awesome group of people in the world. I started The Spaghetti Detective to give all 3D printing enthusiasts a way to securely and safely monitor your printers. I have disappointed you once. The only thing I can do is to make The Spaghetti Detective better and safer so that I won't disappoint you again!

I screwed up. It was the first security breach The Spaghetti Detective has had in 2 years of her existence. But it was an embarrassing one that I can't forgive myself for.

What happened?​

I made a stupid mistake last night when I re-configured TSD cloud to make it more efficient and run faster. My mistake created a security vulnerability for about 8 hours. The users who happened to be linking a printer at that time were able to see each other's printer through auto-discovery, and were able to link to them too! We were notified of a case in which a user started a print on someone else's printer.

73 users got impacted as a result. It's not a huge number. There are bugs that impact a lot more users. But the consequence is very severe. Nobody wants his/her own printers being linked to and controlled by another account.

I created The Spaghetti Detective to let all 3D printing hobbyists have a way to safely monitor their printers from everywhere. And this is one of the worst mistakes I can make. My sincere apologies to our community for this horrible mistake.

The Detective has done a really good job at spotting, well, spaghetti for all of us! Kudos to her! However, there is only 1 problem: her hearing is no good. This small birth defect means:

• She can't detect anything that she can't see, such as the clicking sound when a step motor stalls.
• She can't detect anything that she can't see clearly. This means she usually needs to wait at least a few minutes for the spaghetti monster to fully reveal itself before she can catch it.

This is why we came up with a bold idea - if we fix The Detective's hearing, she will be able to catch the criminals earlier, or catch the ones she would otherwise miss!

TSD has no affiliation with the linked sites or organizations mentioned in this article and is not compensated in any form for linking to them.

Mothers are, ultimately, the best “makers” on this planet. I write this from the vantage point of a man that has a great and loving mother and a pregnant wife who is the mother to my 2 boys with a 3rd on the way. As I see multiple frustrated Reddit posts about unlevel beds, extrusion issues, and prints going otherwise awry; I think about how those inconveniences trifle in comparison to swollen feet, morning sickness, and 9 months of utter exhaustion.

So, what better way to honor these ultimate makers than with something heartfelt and made by us? There have been many posts over the last 10 years or so about the “Top 10 3D Printed Gifts for Mother’s Day” including this one from All3DP. At the core though, all of those articles are just inspiration for what you can do for your mom.

The ideas below are meant to inspire and spark a memory of a special connection with your mom. For example, my mom is really into beekeeping. I am planning to make something like this bee feeder and this honeycomb picture frame (with family pictures included, of course).

Hopefully, you can find something that fits the bill on Thingiverse or MyMiniFactory but otherwise take a look at making your own creation with Tinkercad. They are genuinely easy to use, and you can make your mom something that nobody else in the world has!

TH3D Studios's EZPi Pro V2 now comes with The Spaghetti Detective preinstalled, and is available as a secure plug-and-play octoprint setup if you're looking for one. It's been a pretty cool road getting here, though, and it started back in...

Wait, hold on, disclosures​

The Spaghetti Detective and TH3D have no monetary relationship with each other. We and they both sponsor Octoprint, and there's a Teams chat where we ask each other questions we might have about each other's products and services, but no money changes hands between us and no links attached to this article are affiliate links.

I also own this one of their shirts in purple, but can you blame me?

Now on with the story.

As I was saying, it started back in​

January of this year. Tim Hoogland, owner of TH3D, reached out that one of customers was trying to set up The Spaghetti Detective on an ezpi using their EZCam, it wasn't working for that customer, and he hoped to furnish whatever information we needed to troubleshoot and make sure our software worked with TH3D's camera.

Wade Norris of TSD suggested that, since TSD isn't in hardware and TH3D is, he "realize[d] this might be a really great collaboration opportunity." Tim agreed, saying "I think we can help each other out. I am working on a new image for our Pi kits, and one thing I could do is bundling your plugin in the Pi," asking if there were any OS-level customizations that would improve the TSD experience on EZPis, and we were off to the proverbial races.

But that's not really the beginning​

For the past several weeks, since we announced the giveaway, The Spaghetti Detective's community has responded to the challenge with enthusiasm and creativity. More people than we ever expected printed Wekster's awesome model and tagged us and Wekster, and because we have such an involved, enthusiastic community, we have given out thousands of free Detective Hours. We love all of the prints, but after the jump are a few of my personal favorites, along with the winner announcement and winner selection process.

There's a game I like called Dark Souls, made by From Software. It's an action RPG known for its difficulty, and it has spawned its own subgenre of games, though most imitators miss the most important part about Dark Souls: Everything that goes wrong, even if it's not your fault, went wrong for a reason you can learn from and avoid the next time. Every failure gets you better at the game. 3D printing is like that. As you see above, in the prints since my successful first print, I've had a lot of print failures. Let's go into why they failed, how I know how they failed, and how I fixed them.

A lot has happened since my last post. To start, on Sunday, March 7, we finally passed the thirty million Detective Hours milestone. The Detective has kept vigilant watch over your prints for almost 3,500 years of time. While she was busy watching your prints so that you don't have to, this is:

What you've been up to​

You guys have been sharing a series of beautiful prints of The Detective on Facebook, Twitter, and Instagram, and we're floored by the response. Every day, there are new shares and we've got more Detective Hours to give away. Please keep it up - the usernames to tag are below, and we'll give you 200 free, never-expiring Detective Hours for every print you share where you tag Wekster and us.

What I've been up to​

Five days ago, Wekster contacted me to let me know that he had split the bust model for full multicolor printing. Below, I've included zips of the STLs for the multicolor base and the new, fully multicolor detective.

Since then, I've been trying to print her. This is how that went:

The Spaghetti Detective came out of beta about 1 year ago. Since then, The Detective has watched more than 19 million print hours for the 3D printing hobbyists. That is on average 49,625 hours a day!

And sometimes next week, we will cross the mark of 20 million watched print hours.

Those who joined TSD family early enough would probably remember we had a celebration (socially distanced and perfectly safe😉 ) when we crossed 10 million hours back in April. We will do a similar one this time too. This means the chance to get 50% discount off Pro account but you need to work for it. We will make the rules simpler than last time:

What is OctoPrint Tunneling?​

OctoPrint Tunneling is a secure way to access the full OctoPrint UI even when you are not on your home network.

The Spaghetti Detective provides the access to the most critical functions - webcam feed, pause/cancel, changing heater temperature, etc. However, we understand there are times when you want to access other OctoPrint functions while you are not home, such as using its PSU plugin to turn on/off power supply to your printer.

So we built OctoPrint Tunneling to make it possible for you. 🚀🚀🚀

Is OctoPrint Tunneling secure?​

Many TSD users have made it clear in their survey responses (big shout-out to everyone who gave us your feedback by filling out the survey) that the next cool thing they want the most is a The Spaghetti Detective mobile app.

So this is exactly what we will do. We will build a TSD mobile app! And we will make it available on both Android and iOS!

Features included in the TSD mobile app​

The Spaghetti Detective is partnering with 3D Geeks, one of the most popular 3D printing apps, to bring mobile push notifications to our users.

What does it do​

When you have 3D Geeks app integration activated, you will receive push notifications on your phone for the same failure alerts and print job notices as the ones you receive in your email. In addition, you will also receive push notifications for print job progress (25%, 50%, and 75%).

We will be making some pricing adjustments on the monthly Pro plan as of July 8th, 2020.

• The monthly Pro plan for the first printer will be adjusted from $5.5 per month to $6 per month.

• For each additional printer, the monthly Pro plan will be adjusted from $2.75 per month to $3 per month.

• Nothing else changes.

Why these changes?​

We have made some important changes to how you can help The Detective get better at her job:

1. We launched a new feature called the "Focused Feedback". As the name implies, you tell The Detective if she got things right in a more "focused" way - snapshot by snapshot, rather than time-lapse by time-lapse.
2. Every time you finish a Focused Feedback, you will earn 2 Detective Hours!
3. You can, and should still give feedback at the overall time-lapse level. However, you will no longer earn Detective Hours from doing so. Instead, you are highly encouraged to give the Focused Feedback to earn Detective Hours.
4. Similarly, you can still upload your own time-lapses to help The Detective learn but you will no longer earn Detective Hours from doing so. Of course you can also give the Focused Feedback on the time-lapses you upload (will be implemented in a couple weeks).

Why did we make these changes?​

TSD users have been active in helping the world fight COVID-19 by printing crazy amount of PPEs. Their heroic effort is also supported by TSD's offer that gives each of them 2 months of Pro account for FREE!

By popular demands, this offer is now being extended to people without a pre-existing TSD account, as long as you are a member of a group dedicated to printing PPEs.

In just a couple of days, the number of hours that The Detective has watched will cross the 10-Million mark.

This incredible milestone, first and foremost, is a clear demonstration of the heroic actions taken by the makers around the world to fight against COVID-19. In the past two months, TSD users have been printing Personal Protection Equipments (PPEs) days and nights. The daily print hours on TSD has more than doubled.

This milestone is also the direct result of TSD's contribution to this collective fight against COVID-19. Yes it costs us significant amount to serve those hours, but as a member of the 3D printing community, we want to help out since we are lucky enough to be doing just fine during the time of this pandemic.

To celebrate this incredible milestone, as well as to give our users some dopamine while we are all stuck home, we will give away some goodies and prizes.

This is a guest post by Steve Wynveen. Steve Wynveen is a mechanical engineer that is a technician at heart.

Background​

As you are probably well aware, there is a shortage of PPE for hospital and other medical field staff. Froedert & Medical College of Wisconsin have posted plans for people to sew 100% cotton face masks. Several other patterns for sewists exist as well.

The Froedert ask for public help:

https://www.froedtert.com/stories/new-unused-personal-protective-equipment-other-supplies-gratefully-accepted

The Froedert mask plan:

https://www.froedtert.com/sites/default/files/files/2020-03/MaskInstructions_V2.pdf

3D printing hobbyists in The Spaghetti Detective community banded together to print PPEs for healthcare workers in their local community to help them fight COVID-19.

3D printing and virus are two things that usually don't intersect. But now when the world is upended by the coronavirus crisis, they do - in a way that not many people would expect.

The Spaghetti Detective is a 3D printing platform with tens of thousands of active 3D printing hobbyists.

When the coronavirus is attacking, they act together to save the world.

How? By designing and 3D printing thousands and thousands of face shields and masks and donate them to hospitals and healthcare workers who are in separate need of protective equipments; or by 3D printing things like door opener for touchless operation; or by simply showing gratitude to people who are fighting on the front lines.

Update on 04/05/2020: Since the start of the pandemic, TSD users have more than doubled the hours they print every day. This graph tells it all:

If you have a 3D printer, put it to good use by joining tens of thousands of us in the fight against coronavirus. If everyone one of us prints 10 face shields or masks a day, we will have an unmatched capacity of producing millions of protective gears in a very short amount of time.

Join us in this banded effort!

Effective March 10th, 2020, the Unlimited Detective Hour Pack will no longer be available to Pro subscribers. It'll be replaced by a 2000 Detective Hours / month Pack at the same price.

The Pro subscribers who have subscribed to the Unlimited Detective Hour Pack on or before that day will not be impacted. You will still get to enjoy unlimited Detective Hours no matter how many hours you print each month. This is our way to say "Thank You" to anyone who supported us in our early days!

Shop subscribers can still subscribe to the Unlimited Detective Hour Pack. Please contact us if you are interested.

February 19th, 2020 is a special day for The Spaghetti Detective. It is the day when The Detective watched her 5,000,000th print hour.

I clearly remember when I put The Spaghetti Detective beta online about the same time last year. I opened the server log to wait (patiently) for the 1st user to sign up. It took hours (thank god it was not days).

I clearly remember the dopamine run when I saw in the server log The Detective was called upon duty to check the very first webcam image for failure.

And I clearly remember when we reached 1000 print hours. It was a little more than 1 months after the beta launch. I went home and opened a bottle of champagne. But with or without the alcohol, my brain didn't have the capacity to just imagine what 5,000,000 print hours would look like.

And now, a little less than 1 year after the beta launch, 5,000,000th print hour is here. That doesn't even include the print hours watched on the private servers. This is a clear indication for the level of enthusiasm our fellow 3D printing hobbyists have toward The Spaghetti Detective.

Thank you everyone for being part of this amazing ride, for helping each other in the discord forum, for reporting bugs and helping us fix it, for bearing with the imperfection of our AI model, and for writing to us to simply cheer on the team.

The Detective wouldn't be where she is today without you, our lovely users!

Cheers,

Kenneth Jiang, Founder @ TSD

Remote G-Code upload and printing is available now. It was a little later than we promised. But we launched other features such as print job notifications (email, Telegram, and PushBullet) a lot earlier than scheduled. Guess we can give ourself a B+ on our score card? 😉

This is a short and easy-to-consume tutorial on how you can use this feature. Please give us feedback by commenting at the bottom.

We screwed up. Quite badly. We did the math wrong when we tried to calculate the cost of hosting TSD servers, and we underestimated the cost to serve webcam streaming by 50%.

The price we set for Pro plan was way too low to even cover the cost of servers and network bandwidth. Throwing in other miscellaneous items such as the cost to send emails and text, we were unfortunately not on a healthy path to keeping the lights on for everyone who loves TSD but doesn't want the hassle to run a private server.

Therefore, as much as we want to make TSD affordable for everyone, we had to make a tough decision to raise our price for Pro plan. The good news is that significantly more users than we expected subscribed to the Pro and Shop plans. As the result, we only need to raise the prices by about 25% to fill the gap.

The new pricing will take effect on December 16th, 2019.

The Spaghetti Detective has come out of beta! With improved AI accuracy, and shiny new user experience such as the sleek 25-frames-per-second webcam streaming, we are open to all 3D printing enthusiasts now!