I realize the topic of required internet access has been discussed at length on this forum, so I went ahead and searched through the past postings. I have a few thoughts that I don’t think have been brought up:
- We were all given an enthusiastic (and apparently irrevocable¹) guarantee that the firmware for the Glowforge would be released under the GPL “when it ships”. The Glowforge is now shipping, but I have not seen where the firmware was released. The Glowforge GitHub organization has no public repositories.
- Using the cloud for planning and motion calculations means that Glowforge Inc. knows exactly when and what I am cutting/engraving/printing. This means that, if served valid a government subpoena or warrant, Glowforge Inc. would have no choice but to hand that information over to the government. Even if I wasn’t doing anything my government wouldn’t like, if I was developing proprietary parts which were highly sensitive, the idea of uploading the exact instructions on how to make those parts to a service which I have no control over is a bit off-putting, to say the least. I haven’t seen any policy statement about how our data will be kept private and secure.
- Because these printers require internet access to remain useful, they may be rendered useless by the government at any moment, either intentionally or unintentionally. For example, during the Arab Spring, Egypt effectively cut off all routes to the internet outside of Egypt, which would have rendered devices like these entirely useless. Or, perhaps the government wants to prevent people from being able to manufacture things without government approval: they can simply block access to the servers and no one would then be able to use Glowforges.
- I haven’t read any details yet regarding the nature of the connection between the Glowforge device and the Glowforge cloud. If it is not protected with TLS, the designs that I am cutting could be intercepted or forged. I sincerely hope that all connections to the Glowforge cloud are properly encrypted and authenticated.
- I haven’t read any details yet regarding what mechanisms will be in place to prevent this device from becoming compromised by other devices on the network, or from a man-in-the-middle attack.
- I haven’t read any details yet on if this device can work with a proxy (like a HTTP proxy or a SOCKS proxy). This would be useful.
I also have a requests for a future “Pro” version:
- Please include an ethernet port.
¹ Quoting @dan: “There’s no backsies on that once we ship”