Cyber Security

Last year I sat through a presentation by the former CSO for the CIA and one of his blackhat hackers now in his employ. Cybersecurity for the most part is a misnomer. The flaw isn’t in the system, the actual security in place, the connectivity, whatever certifications you want to mention or the people who have them.

It’s Marge in accounting who can easily be socially hacked in about 30 seconds by telling her she’s spreading a virus to the entire department and this is Phil in IT who needs her password to shut it down. That’s been the case for decades (Mitnick used social hacking as one of his primary methods). Someone is always willing to give you their password. Once you’re in, you’ll find a default security account left behind on something that one of the IT guys forgot to change or patch.

Not to say none of that isn’t important, but social engineering can pretty much beat any world class security you want to put in place.

8 Likes

Reddit and the various glowforge communities on Facebook are notoriously unreliable. Lots of misinformation and misdirection.

And information most assuredly can be deleted there. Often is by the moderators. While content can be deleted here, I haven’t seen much evidence beyond deletion of outright trolling posts or really nasty attacks.


As far as intellectual property is concerned?

Yes-- that is a concern. I would like to see GF reveal considerably more about the communication substrate that is being used. The most secure platforms are done in the open and security-by-obscurity is simply false.

With that said, I’m personally not terribly concerned about it. And wouldn’t be particularly concerned even if I were using the GF in a fully professional, production, product creation, environment.

Unless said environment demanded that the intellectual property not be moved through such a communication substrate. Such work environments exist (I work at one, for example) and, if in that context, the GF is not a good solution. Of course, such work environments must also be prepared to pay the multiplier in costs required to lock things down to that degree.

3 Likes

You seem to be searching for a reason to reject your order (which is fine). Not a company in this world is going to give you a guarantee (that they can stand behind) that your data might not be compromised in some way.

Thankfully.

I move mine regularly without assistance. I guess if it takes 3, that could be a pain.

5 Likes

And FYI - I’m not advocating that we disregard security and don’t put it in place. I spend a good chunk of my company’s IT budget each year on security. Just don’t be fooled thinking if they have that in place you’re good. Or asking GF if they have this in place that they’re good. Like @polarbrainfreeze said, I’m sure they’re doing what they can.

But it’s like a thief coming to your house - they’ll get in if they really want to regardless of the dog / security / lock / etc. Determined thieves are rarely denied.

3 Likes

you’re right?

in the end, we’re still putting data in the cloud. and as such, it’s vulnerable to someone at GF making a mistake that allows hackers access. if that’s truly important to you, then you may need to look for a different machine.

2 Likes

Re: keeping your design out of everyone else’s hands. Do you plan to make the recipients of your designs sign an NDA prohibiting them from taking photos / posting photos of your designs on the internet? Prohibiting their friends from taking photos? From allowing anyone else to ever see? Like really.

Speaking as someone who has had my designs stolen (many times and in several different capacities), there are precautions you can take, but you can’t prevent it from happening unless you plan to keep it locked in your attic. And then what’s the point of designing for no one to see? If you did make a truly good design and it catches like wildfire, that’s a form of success. I’m not saying this to be unkind, but the chances that anyone else cares enough about stealing your design from the glowforge server to, say, risk their plum job at a cutting edge tech company are pretty vanishingly small.

8 Likes

I have one question: if some of you are concerned about Cyber Security, being hacked and ideas being stolen, why do you have a computer at all, let alone anything that communicates with the internet?

Just asking…

4 Likes

i don’t know if i agree with this completely. there’s a difference between having a picture of a completed project that someone has to reverse engineer and having an SVG file of the actual design files.

anyone who can handle the GF could at least cut / engrave all the parts with that SVG and would only have to reverse-engineer the assembly.

with a photo, you would need to recreate the design file from scratch. that’s a much more difficult and time consuming thing to do.

1 Like

Must assume that the designs you refer to are secret. Other than that there is not a design you can produce that I can’t duplicate just by looking at it or taking a picture. So nothing I would ever produce for sale is less secure because of the cloud. Now having my credit card number in the hands of any business does concern me.

5 Likes

Funny…this reminds me of when I went to an Arts & Crafts festival and had a pair of Google Glasses on (yep…a few years ago). A vendor was freaking out that my Google Glass was taking pictures of his art…as if I was nefariously stealing his designs. He forcefully told me to take off my Google Glass. So, then, I pulled out my cell phone and took photos, which he was oddly OK with, even smiling for the photo.

FYI…I wasn’t taking photos with the Google Glass, but since he had heartburn that I “could be” taking photos with the Google Glass, I thought I’d see his reaction to a cell phone photo.

11 Likes

I see you joined our community about 3 hours ago, Welcome.

Actually that I see as a benefit. In my almost 2 years of having a glowforge in my shop, its capability and refinement have evolved admirably.

This also assures me that the company is transparent. All manufacturers have a support option on their sites, this is the only one I know of that does their laundry in public, allowing everyone to see the reported issues.

Those of us who have been around here since the initial 30 day campaign have witnessed @dan, the CEO, endure criticism without a hint of retribution, and when some posted about the product of a competitor, he would go so far as to recommend they might look into buying it from the actual manufacturer who made it rather than the vendor the post highlighted.
We have also never seen him speak ill of a competitor.
I’ve never seen a post critical of the company be deleted, so I’m not sure where that is coming from.

I have seen a few instances where an inquiry fell through the cracks, but more often than not a spam filter on a user’s account is responsible. Also check to see if a communication ended up in “promotions”… Where I found my invitation to participate in the pre-release program.

Personally, I have witnessed nothing but integrity and a profound care for their customer’s experience coming from every level of this company.

16 Likes

That’s… amazing

1 Like

(Re: much more difficult and time consuming: you may be right, though I don’t see too many high value laser designs that don’t require a ton of finishing and assembly after the fact. I detest copy cat culture by the way, but it’s a fact of life now.)

2 Likes

not sure why they would be upset with google glass over phone. but i see lots of arts festivals where the booths have “no photographs” signs. it’s pretty common.

1 Like

Assume you’re replying to OP not me?

1 Like

Yes i was, sorry…

1 Like

i think there are several separation factors in the art/craft world.

#1 is always concept/idea.

#2 (esp in laser/3D printing) is technical software skills.

#3 is finishing (some of that is basic assembly, but also your craft at actually assembling properly, adhesives not showing, paint/varnish cleanly applied, etc.)

someone stealing files could eliminate a lot of #1 and #2.

cool, I agree with you 110%

Yeah I tend to see #3 as the time consuming part. Interesting conversation, thanks for insights.

1 Like

The app does use a secure web connection to the server. I have added using a VPN. Data intercept is very unlikely.

The server to drive the printing does require secure login with your userid and password to see any designs stored there. In the case of extreme concern, you can delete the uploaded design immediately after printing, and it cannot be retrieved once you refresh logging in.

Least of my concerns would be the staff stealing the designs. Typically, I’d consider using the Glowforge interface to be as secure for your data as just about anything on the net.

I’m totally loving my Glowforge, and I’m loving the evolution that comes along. In any development, there is some potential for issues, but my experience with Glowforge support has been absolutely stellar.

Note: I’ve never seen a post deleted for complaining about, or being negative about, Glowforge. That’s not a violation of the terms of use. I have seen posts deleted for blatantly violating the forum terms, and I’ve seen them moved to different categories when posted in the wrong place. If you want an actual response from Glowforge staff, you’d have a better chance posting in the support category or emailing support@glowforge.com. Response can take a couple days, but I’ve never been dissatisfied with them.

2 Likes