STAY ON TOP OF YOUR PRINTS EVERYWHERE

There’s a lot to love about OctoEverywhere – being able to access your 3d printer no matter where you are, for free, is pretty sweet. But sometimes it’s nice to zone out and forget about things for a while, without having to worry you might miss something…

Introducing OctoEverywhere’s Instant Printer Notifications!

Our Instant Printer Notifications technology easiest way to keep tabs on your printer and prints – for free! We support notifications where ever you are; get instant notifications via Email, SMS, Telegram, Discord DMs, Slack, Pushover, or Pushbullet! We support 10 printer events and counting; including printing complete, print failed, print progress, first layer complete, filament or color change required, and more!

OctoEverywhere's Instant Printer Notifications Hub

We meticulously crafted the notification format for every notification platform to make look and feel amazing, including full-resolution snapshots on most platforms!

OctoEverywhere Discord DM notification example.

Wow! How Do I Try!?!

Simple! If you already have OctoEverywhere setup, head over to the Notification Hub to enable whichever notification endpoints you wish. Then pick exactly which notifications events you want to receive.

If you don’t have OctoEverywhere setup on your OctoPrint based 3D printer, check out our Getting Started Guide for a quick and easy 2-minute setup!

Like always…

… a huge shout out to the amazing community we are building and all of the OctoEverywhere project supporters. We had a handful of our community members volunteer to take part in an invite-only beta of this system and together we were able to make some critical improvements to the system. Without all of you, this project would be nothing. ♥

Happy Printing!
– Quinn

START A DISCOURSE ON OUR DISCORD

Well… the title says it all… we have an official Discord now!

I wanted to do this for a few reasons:

  • Give our growing community a place to meet-up, get to know each other, and chat.
  • Give our community a place to support each other by asking and solving issues.
  • Give our community a place to discuss feedback and ideas. A place where everyone can contribute and I can directly engage in the conversation.
  • I needed a home for our new Discord DM bot! (more on that soon!)

So what are you waiting for? Come join the server now and say hi!

SECURITY CHECKUP

Update 10/22/2021: I worked with the YouTube channel Renaissance Laboratories to create a video covering the security of OctoEveyrwhere! It’s a great resource to augment the information found in this post.

Being a 3D printing maker myself, I fully understand the concerns around exposing printers to the internet. It’s a wonderful and powerful tool for all makers, but it has to be done right. From day zero of designing and writing the OctoEverywhere service, security has been the top priority. Every feature I have designed requires absolute security and if I can’t do it in a secure way, it doesn’t get added to the service.

There are two main things to consider with security:

  • Account security that relies on you.
  • Service seurity that relies on OctoEverywhere.

Your Account Security

The #1 entry point to all cyber attacks (even the big corporate hacks) is exploiting a user to get their credentials in some way. Your account credentials are the keys to your kingdom. It’s up to you to make sure they are unique and secure. Here’s something to consider to keep your account safe.

  • Use Strong Passwords
    • Our system enforces a minimum password length, but you must make sure the password is strong. Strong passwords are long and include letters, numbers, and symbols. Using a password manager is a great way to generate secure passwords. You can update your OctoEverywhere password anytime using the password reset system.
  • Never Reuse A Password
    • Reusing passwords on other websites opens you up to attack. It’s far too common for other websites to leak passwords which are then paired with your email address and used by bad actors. Armed with your email addresses and password from other sites, a bad actor can reuse that combination to gain access to your OctoEverywhere account. Using a password manger is great and simple way to keep track of per website passwords.
  • Enable 2 Factor Authentication
    • OctoEverywhere supports 2 factor authentication which is an amazing way of keeping your account secure. Even if a bad actor acquires your email and password, unless they also have the constantly changing 6-digit code from your device they can’t get in. This means even if you accidentally give away your password, your account is still secure! I strongly encourage you to enable two factor authentication on your account, which you can do here.
  • Use Google, Facebook, or Apple Login
    • Using a login partner adds another layer of security to your account. These massive companies have many great engineers working on keeping our account secure. You can add any login to your account assuming you use the same email address. To fully secure your account, also update your OctoEverywhere password to a strong, long, and unique password.

OctoEverywhere Service Security

As I said at the top of this post, I take security very seriously. No service can ever guarantee perfect security in today’s modern world, but I put security first in everything I do. No matter how great a feature would be for our community, if it can’t be done securely, I won’t add it. All of the OctoEverywhere systems are designed with multiple layers of security using cutting-edge security standards and practices.

I believe that transparency is an obligation for all services providers to supply. If there is ever a security-related issue with OctoEverywhere, no matter how small or large, I will promptly inform all users and make sure to get in contact with any users who are directly affected.

Account Information

We collect the minimal amount of account information as possible, just an email and password. We don’t need to know anything else, so we don’t want to. We don’t even know your first name, so we can’t even greet you!

We do need to collect more information if you decide to support the project, but all of that information isn’t held by our services it’s held by our subscription partners ChargeBee and Stripe. ChargeBee and Stripe are the leading global payment systems in the world.

Your Browser To Printer Connection

When you connect to your printer, both your browser’s connection to our servers and your printer’s connection to our servers is encrypted and secured using industry-standard encryption. The same encryption system is used by your bank when you connect to manage your funds online. This is the first layer of security for printer connections. Your browser holds a session cookie that’s 256 bytes of high entropy randomness that identifies you and your authentication to the service. For a browser’s request to be sent to a printer, the browser must preset a valid session cookie that’s associated to the correct account and has the printer associated to it. Meaning that before anyone can send requests to your printer, they must first have a valid user session authentication token.

After your browser has authenticated you to the service and the service allows your request to be sent to your printer, you must also log in to the OctoPrint interface using your local OctoPrint credentials. Our OctoEverywhere service securely transports your login credentials through our system but never stores them in any way. The credentials are lost from our system immediately after sending them to your printer. This is the second layer of protection. Since no OctoPrint credential information is ever stored anywhere in our service, a bad actor has no way of obtaining them from our services.

App Connections

App connections create a per-app and per-portal session “app id” that grants the app access to only the selected printer. The authentication session given to app connections does not allow the apps access to your account or any other printers on it. Furthermore, app connections are also secured by a set of unique and random http credentials associated with the app id, that must be present in all of the app’s requests. These credentials are sent in the encrypted communication to our servers, so they can’t be intercepted in man-in-the-middle attacks. You have the power to revoke any app’s permission at any time via the shared connections page on our website. Revoking the credentials will immediately block the app and any access to your printer.

The second layer of security on app connections is the authentication key the app must also acquire from OctoPrint. Same as the browser-based connections, even if a bad actor were able acquire the app’s “app id” and unique password to send requests to the printer, the bad actor would still need to acquire the app’s OctoPrint token which is known only to the app on your device.

General Service Security

Our service runs on a secure hosting provider, Digital Ocean. Digital Ocean is one of the largest hosting providers in the world, so they are a great choice. Our prescient storage and databases are hosted in Microsoft’s Azure, which is also a leading worldwide hosting provider. Each of these provides has a ton of security practices and rules in place, and I try to follow them all.

I only disclose any OctoEverywhere information to other 3rd party services when absolutely necessary. For example to support subscriptions I need to send a unique user key to ChargeBee. Any 3rd party service or accounts I use for OctoEverywhere are secured with a unique and strong password and also have two-factor authentication set up where available.

Final Thoughts

I hope this post adds some transparency to the OctoEverywhere service and helps the OctoEverywhere community better understand the extensive security practices and procedures I consider and implement.

If you have any questions or concerns, please feel free to reach out to me via the contact page which will directly email me. I would be more than happy to discuss any further questions anyone has. If any of the questions are generalized enough and would be interesting for the community, I will update this post with the information.

SIGN IN WITH GOOGLE IS NOW AVAILABLE

Quick and cute blog update, Sign in with Google is now available!

What does that mean? It means you are now able to create or sign in to an OctoEverywhere account using a Google account. There are a few advantages to signing with Google:

  • Higher Account Security: Your account can be more secure, if you can take advantage of Google’s account security features.
  • Login Speed: Click a button and you’re in!

To be clear… we don’t send any information to Google about you and we only require your email address from Google. We don’t have access to any other Google account information even if we wanted to read it.

The decision to use your Google account is totally up to you. For users with existing accounts, you can set up Sign in with Google as long as your OctoEverywhere account email address matches your Google account email address.

And remember, to make your OctoEverywhere account as secure as possible, enable two-factor authentication!

That’s all for now! A lot of big things are on the horizon, so stay tuned!

Hello World!

Hello You! You found the new home for OctoEverywhere news!

I’m hoping a simple blog structure will give me more freedom to express updates and news. We shall see!