PrusaSlicer 2.3.0-alpha3 is released.
 
Notifications
Clear all

PrusaSlicer 2.3.0-alpha3 is released.  

Page 1 / 2
  RSS
Same Old Shane
(@same-old-shane)
Admin
PrusaSlicer 2.3.0-alpha3 is released.

Hello all;

This is a new testing release of PrusaSlicer. Please note that this is dedicated to moderate to experienced users.

This is the third alpha release of PrusaSlicer 2.3.0, following 2.3.0-alpha1 and 2.3.0-alpha2. This release mostly fixes bugs found in previous alphas, but it also adds several new features (such as Repetier server support) and 3rd party profiles.

To let you enjoy the alpha without worries, the alpha builds save their profiles into PrusaSlicer-alpha directory, so you may use the alpha side by side with the current release without ruining your production configuration.

Improvements with respect to PrusaSlicer 2.3.0-alpha2

  • The descriptions of configuration parameters in settings tabs now work as hyperlinks that open the respective page in our online help center. There is no hyperlink when the page does not exist for the parameter.
    image
  • Added support for Repetier server print host. (thanks @docbobo, #4384)
  • New option in Preferences allows to invert mouse wheel for zooming (#1336, #4395, #4701)
  • OSX specific: Settings dialog for 3DConnexion devices (Cmd+M) was enabled again to allow configuration of speed. The dialog was removed in 2.3.0-alpha1 in hopes that all related settings would be configurable in driver settings directly, but this turned out not to be the case for old 3DConnexion devices, which are not supported by the 3DConnexion driver correctly (#4892)
  • G-Code Viewer is now able to extract config from gcode created by Slic3r and Slic3rPE (#4982)
  • G-Code shows name of loaded .gcode in the title bar
  • G-Code Viewer reports invalid .gcode files
  • New icons for standalone G-Code Viewer
  • Tool marker in G-Code preview is visible by default when the horizontal slider is not at its end position.
  • Configuration snapshots were extended to capture and restore SLA print profiles, SLA material profiles and Physical printers configuration.
  • Reworked Export finished notification. It now contains path to G-code, "Open folder" hyperlink and Eject removable media button.
  • Renamed "FDM Support Editing" to "Paint-on supports" and "Seam Editing" to "Seam painting", new icon for the paint-on supports gizmo.
  • Linux: Integration of Flatpak configuration files thanks to @xarbit (#3064, #4039)
  • Linux: Added a desktop file for standalone G-Code Viewer
  • Filament stats exported to G-code are now exported with higher precision to match values shown in the UI (#780, thanks to @stelgenhof)
  • Unmount message slightly reworded by @vranisimo, thanks (#4523)

Bugs fixed, regressions with respect to PrusaSlicer 2.2.0

  • Switching of parameter pages is now faster. The lag was quite noticeable on Windows.
  • Fixed unexpected switch to non-perspective camera in certain scenarios (#4987)
  • Place on face sometimes positioned the object slightly inclined instead of perfectly flat (#3505)
  • OSX specific: Mouse position was not correctly calculated with Retina display when the mouse wheel was being rotated

Bugs fixed, reported for PrusaSlicer 2.3.0-alpha2

  • Windows: Previous alpha did not start on Windows 7 (#4972, #4974, #4979, #4994)
  • Fixed incorrect time estimates (#4986, #5066)
  • G-Codes for printers not supporting remaining times contained internal G-Code annotations as comments by mistake
  • Horizontal slider in 3D preview is correctly updated when 'Sequential slider only applied to top layer' preference option is toggled.
  • Horizontal slider range is correctly updated when individual G-code features are turned visible or invisible.
  • Fixed crash in monotonous infill happening in very specific geometry situations.
  • Notifications were sometimes erroneously shifted to the left in Preview mode.
  • Shift+Tab erroneously showed/hid the sidebar in the standalone G-Code Viewer (#5009)
  • Parsing of the G-Code annotations was made more specific so that comments provided by the user through custom G-Codes will not be interpreted as PrusaSlicer's own annotations (#4992)
  • Linux: Standalone G-Code Viewer did not work correctly when started from PrusaSlicer or with a .gcode file as an argument (#5013)
  • Linux: Fix crashes on Linux when incompatible libpng version was installed in system (#4908)

New 3rd party profiles

Download link:

https://github.com/prusa3d/PrusaSlicer/releases/tag/version_2.3.0-alpha3

Please report any bug here:

github.com/prusa3d/PrusaSlicer/issues

We look forward to your feedback!

Shane (AKA FromPrusa)...
Posted : 04/11/2020 10:21 pm
--
 --
(@)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

Hey - I need folks to chime in on a new "feature" in Prusa Slicer alpha 2.3.0.a2--  hyper links in the normal UI, replacing what was hover text, in the region of print tab settings.

I can't count the number of times I've opened a browser to Prusa when all I wanted to do was click a check box or view hover test. 

https://github.com/prusa3d/PrusaSlicer/issues/5196

 

I would not mind it bringing up a local copy of help text for a deeper explanation, or even heading off the parts unknown on the web IF I INTENTIONALLY SELECTED TO BROWSE.  But to have incidental clicks open other applications is just bad form. Especially when some internet access is metered, tracked, or just not wanted.

Ideally I'm voting for it to be a right click pop-up choice, not an immediate action, and at a minimum the ability to turn it off. 

 

Posted : 19/11/2020 9:09 am
bobstro
(@bobstro)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

Also a massive security risk, and a time saver for the ransomware criminals since they only have to make modifications to the URLs and distribute a modified version to the unsuspecting.

Opening up a web connection, particularly a one-click operation with no confirmation, is a bad idea.

My notes and disclaimers on 3D printing and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan...
Posted : 19/11/2020 3:03 pm
towlerg
(@towlerg)
Noble Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

I guess it's horses for courses. I thought the cross reference was great idea and the way it works seems quite logical. You hover over the value if you're thinking of changing it and over the variable name if you want to know more about it.

It does warn you if you hover over the variable name by tooltiping a URL.

Perhaps it will be less of an issue when Prusa migrate to local help (assuming they ever do). 

Posted : 19/11/2020 4:03 pm
bobstro
(@bobstro)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.
Posted by: @towlerg

[...] Perhaps it will be less of an issue when Prusa migrate to local help (assuming they ever do). 

It would definitely be less of an issue if they'd pull down refreshed HTML or other formatted help pages rather than launching a browser. 

 

My notes and disclaimers on 3D printing and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan...
Posted : 19/11/2020 4:10 pm
--
 --
(@)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

CHM files are one thing, but linking to third party sites without any user action is just plain silly.  Most people in the software industry identify such practices as click bait (and they are being nice).  None of my professional product software engineers would ever have even considered such a notion, and management would never have let it happen.  The closest is the Help About panel, it could have a hot link to a web site for license and privacy - even then, we always placed the files local because it was just a better idea and best practice.

If this continues and Prusa really does this, now I have to order the edge firewalls to block all external access by all Prusa products. Sheesh.

Posted : 19/11/2020 7:00 pm
--
 --
(@)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

Too funny: they are so busy making the tool a click bait trap that they forgot ho to make useful accurate web links to the product they want people to use.  More evidence that html links are prone to accidental errors as well as malicious ones.  

 

Download link:

https://github.com/prusa3d/PrusaSlicer/releases/tag/version_2.3.0-alpha3

ps: to the less astute - that link takes you to a place that the text does NOT indicate.

This post was modified 11 months ago 2 times by --
Posted : 19/11/2020 7:23 pm
--
 --
(@)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

And I am still trying to find any other application that has html links that open up a browser with a single conventional left click.  So far, zero.

I think the only reason people haven't flared up is that right now only a few of the links are implemented. It will be interesting when every item with hover-text hints has a web link instead of fixed labels.  

And - for whatever reason - you can't even make the Firewall block slicer from opening external links.  So now it's looking like users will need to hack the registry to keep the security risk minimal.  This keeps getting worse. lol - not.

Posted : 19/11/2020 7:37 pm
--
 --
(@)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

lmao - so this is the rage for increasing a revenue stream - bury facebook, google, and whoever else's analytics targets in your web page, and then make it all but impossible to keep people from accidentally opening your web page filled with said click bait targets. 

This post was modified 11 months ago by --
Posted : 19/11/2020 7:48 pm
--
 --
(@)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

It gets better - now, it seems to be randomly starting up teams when I click random locations near html links within PrusaSlicer 2.3.0a3 ... this is hilarious.  Honestly, all I am trying to do its create a couple firewall rules to block Plicer (the name I am going to continue using until this is fixed, even though I know it annoys the hell out of the devs).

 

Posted : 19/11/2020 9:45 pm
towlerg
(@towlerg)
Noble Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

@-2

"lmao - so this is the rage for increasing a revenue stream - bury facebook, google, and whoever else's analytics targets in your web page, and then make it all but impossible to keep people from accidentally opening your web page filled with said click bait targets." Are you accusing Prusa of doing ant of the above?

Posted : 20/11/2020 1:27 pm
Vojtěch Bubník
(@vojtech-bubnik)
Admin
RE: PrusaSlicer 2.3.0-alpha3 is released.

> And I am still trying to find any other application that has html links that open up a browser with a single conventional left click.  So far, zero.

Ideamaker?

A "?" icon in the left bottom corner of their "Advanced settings" dialog opens a web browser with their help desk.

...
Posted : 20/11/2020 3:08 pm
bobstro
(@bobstro)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.
Posted by: @vojtech-bubnik

[...] A "?" icon in the left bottom corner of their "Advanced settings" dialog opens a web browser with their help desk.

Indeed, although it's well out of the way for a casual inadvertent click. ideaMaker is closed source, so somewhat less chance of somebody distributing malicious versions with as much ease, but they are also guilty of not indicating what is to be done.

A lot of corporations won't allow the installation of software that does this sort of thing for exactly these reasons. It would be a good idea to provide a user preference to disable "link to external content". I'm a bit more worried about it in Prusa's case because of past moves they've made like linking user accounts between the online shop and forums. A would-be attacker not only could link to a malicious site but also knows that there's a good chance the user will connect to Prusa's site with an authenticated account. 

My notes and disclaimers on 3D printing and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan...
Posted : 20/11/2020 3:18 pm
bobstro
(@bobstro)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.

Quick follow-up: The Prusa online account holds a complete mailing address, confirmation of permission to process personal data and -- for some reason -- a field for date of birth. Not sure how difficult it would be for someone familiar with the process to auto-order some neat stuff, but it would be nice to hear that this has been anticipated and protected against.

While the "whatabout" defense of ideaMaker doing something similar is valid (but hardly reassuring), Raise 3D only links to a generic support page with no user credentials. My concern is that it is very easy to inadvertently click the green text which opens a browser to the Prusa help site, and from there a click takes me to the Prusa online store using the same credentials that I used to log into these forums.

My notes and disclaimers on 3D printing and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan...
Posted : 20/11/2020 3:30 pm
Vojtěch Bubník
(@vojtech-bubnik)
Admin
RE: PrusaSlicer 2.3.0-alpha3 is released.

I think we have two issues here. One is the UI issue and the other is the security issue.

> I can't count the number of times I've opened a browser to Prusa when all I wanted to do was click a check box or view hover test. 

I do not understand why you are clicking on the item label. It never did anything in PrusaSlicer 2.2 and older. Now clicking on the label opens a web browser and the tooltip shows the hyperlink. Everything is transparent.

> But to have incidental clicks open other applications is just bad form. Especially when some internet access is metered

ok, I can understand that being connected over the cell phone may be expensive. I wonder what system you are using, where you have a fine control of the amount of internet communication to minimize data usage.

> tracked

PrusaSlicer downloads profiles over internet. The help is on the same Prusa site. I don't think it may be harmful for you that somebody finds out you were connected to Prusa3D site. Maybe I am not conscious or security aware enough? Would you please enlighten me?

> or just not wanted.

I can understand that opening a browser may take time on an old computer or it may be annoying.

> Ideally I'm voting for it to be a right click pop-up choice, not an immediate action, and at a minimum the ability to turn it off. 

We may do that after all, if we get enough of feedback as of yours.

> ideaMaker is closed source, so somewhat less chance of somebody distributing malicious versions with as much ease, but they are also guilty of not indicating what is to be done.

I am not buying that argument. PrusaSlicer is open source, so anybody could produce a malicious version of it, and the malicious build of PrusaSlicer could do much worse things than opening a web browser with some web page. That is the beauty of open source. Anybody could fork it and build his version. We have no control over it, it is up to the users to download and use a build produced by us. It is all about trust. If you don't trust us, then you should not install our software in the first place.

We are trying to play safe. PrusaSlicer downloads profile updates from PrusaSlicer site. We only allow the profile updates to be downloaded from our site for security reasons. There is a pull request to lift that restriction, but I would not merge it. https://github.com/prusa3d/PrusaSlicer/pull/4129

> A lot of corporations won't allow the installation of software that does this sort of thing for exactly these reasons.

Why? Because they fear that somebody will fake their DNS and the request will be redirected? Or because they don't trust the vendor of the software? Then they should not allow installing such software on their machines in the first place. I am not buying into this argument.

 

...
Posted : 20/11/2020 3:57 pm
Vojtěch Bubník
(@vojtech-bubnik)
Admin
RE: PrusaSlicer 2.3.0-alpha3 is released.

@bobstro

> Quick follow-up: The Prusa online account holds a complete mailing address, confirmation of permission to process personal data and -- for some reason -- a field for date of birth. Not sure how difficult it would be for someone familiar with the process to auto-order some neat stuff, but it would be nice to hear that this has been anticipated and protected against.

What does it have to do with PrusaSlicer help page being opened?

> While the "whatabout" defense of ideaMaker doing something similar is valid (but hardly reassuring), Raise 3D only links to a generic support page with no user credentials. My concern is that it is very easy to inadvertently click the green text which opens a browser to the Prusa help site,

That may be.

> and from there a click takes me to the Prusa online store using the same credentials that I used to log into these forums.

If I understand you correctly, you claim that just going to help.prusa3d.com is toxic because you may be logged into prusa3d? Which click would bring you to https://shop.prusa3d.com/ ? PrusaSlicer does not send you there, you would have to do it yourself. I still don't get it.

...
Posted : 20/11/2020 4:03 pm
Vojtěch Bubník
(@vojtech-bubnik)
Admin
RE: PrusaSlicer 2.3.0-alpha3 is released.

@-2 @bobstro

To make everybody happy, we will open a dialog, asking whether you want to open the browser or not, and we will allow you to remember your choice and not ask again. 

Still I would like to understand the security consequences of our current implementation.

...
Posted : 20/11/2020 4:09 pm
Mikolas Zuza
(@mikolas-zuza)
Moderator
RE: PrusaSlicer 2.3.0-alpha3 is released.

Reading through this thread, I'm just really sad, that you think so little of us.
We were just trying to make accessing the documentation easier.

Posted : 20/11/2020 4:23 pm
bobstro
(@bobstro)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.
Posted by: @mikolas-zuza

Reading through this thread, I'm just really sad, that you think so little of us.
We were just trying to make accessing the documentation easier.

Don't take it that way... or at least don't take my comments that way. The most valuable thing you can get in business is feedback. If you're not getting feedback, that means customers are just leaving and you'll never know why.

I'm not here to score points at anybody's expense, but I am glad there's a discussion on the downside to this approach. It's not that it's a horrible idea, but it should be done with security in mind upfront rather than trying to play catch-up after a serious incident.

I'm going to reply to the questions above when I have more time. Let me just summarize by saying that I work in cybersecurity and have seen the consequences that can result from not thinking something through. The single biggest security threat to companies these days is a user with a web browser.

Please take my comments as valuable feedback -- which you're welcome to disregard -- intended to help make your excellent software even better. I assume most posters here feel the same. I hope you've read many of my other posts where I praise PrusaSlicer and Prusa in general. What you've done with the rickety Slic3r code that you started with is truly amazing and it keeps getting better. It's just that this one may have implications that need to be fully understood.

Now I do think there's room for improvement with bridging... but that's another discussion. 😀 

Stay safe!

My notes and disclaimers on 3D printing and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan...
Posted : 20/11/2020 6:19 pm
kirby liked
bobstro
(@bobstro)
Illustrious Member
RE: PrusaSlicer 2.3.0-alpha3 is released.
Posted by: @vojtech-bubnik

@-2 @bobstro

To make everybody happy, we will open a dialog, asking whether you want to open the browser or not, and we will allow you to remember your choice and not ask again. 

Still I would like to understand the security consequences of our current implementation.

Unfortunately I'm busy this afternoon, so can't reply properly right now.

In short, when PrusaSlicer opens a browser on the user's desktop, it has whatever settings and permissions that user has enabled. This means the browser opened by PrusaSlicer is the user for all intents and purposes. If that user has logged into their forum account and that forum account is tied to their online store account, the browser has the user's permissions to jump between tabs.

Try this for yourself: Log out of the online store and forums. Log back in only on the forums. Then open another tab and navigate to the store. If you're already logged in, you'll notice you can access your full account data.

The danger is that this access could be used in an attack:

  • If somebody manipulates the PrusaSlicer code and distributes it (e.g. linking to it from 3rd party web sites), they could be inserting a URL that opens a malicious site to install malware, then has access to the user's browser (incl. Prusa web store info). This is made worse by the fact that PrusaSlicer is installed as 3rd party software and not "approved and verified" by Microsoft or Apple.
  • If the Prusa help site is hacked, the page those helpful links land on can be manipulated to point to malicious sites or to let the attacker gather useful personal information such as what's contained in the online store accounts.

Those are just a couple of quick examples. The ransomware attackers are using much more tricky techniques as well.

In short: Browsers are dangerous, particularly if they do something the user isn't in full control over.

My notes and disclaimers on 3D printing and miscellaneous other tech projects
He is intelligent, but not experienced. His pattern indicates two dimensional thinking. -- Spock in Star Trek: The Wrath of Khan...
Posted : 20/11/2020 6:27 pm
Page 1 / 2
Share: