• 0 Posts
  • 2 Comments
Joined 1 year ago
Cake day: March 15th, 2024

  • My dad designed jet engines and nobody made him design a jet engine on the whiteboard. So you are starting from the right place.

    We are here where we are today because we spent too much time thinking that acting like the right kind of nerd meant you were a good programmer. There’s nothing wrong with going to a job, working hard, and then doing something else. I know very productive engineers who don’t have a favorite science fiction book who were great to work with.

    Given things lately, I think it’s healthy that a lot of people have had to take a step back and realize that their employer would totally harvest their organs for profit if they could get away with it. Providing people the right “tech subculture” cues has resulted in a lot of people working themselves to death and never seeing any income windfalls.

    I actively hate a bunch of my old science fiction books from when I was a kid because they were written with what is, to my adult mind, a not-very-subtle fascist bent. There’s, obviously, some great novels out there that expand your mind … but at the same time, there’s a lot of the science fiction canon where I’d probably hate working with people who took those books seriously.

    And, likewise, there’s a lot of people who simply don’t have time because they are smart people actually trying to get into the lucrative field of computer science and a good scifi novel reading session is a luxury they just don’t have.

    “Tell me about your favorite science fiction book” is pretty much a textbook case for how to have good intentions but conduct an interview that’s, when you step back and think about it some more, biased. It’s checking for subculture-fit in ways that have nothing to do with how they are at work.

    On the other hand, whiteboard tests are also useless.

    If you want to make a better interview, I’d suggest you have an interview guide. Not a manager? Just write your own for your interviews and keep to it. This protects you from unconsciously giving the person who looks the part easy questions.

    If you want to check for culture fit, talk about things at work that matter. Are you worried someone is going to talk down to a junior engineer? Make them talk about a time they had to mentor a junior engineer. Did they succeed? What did they do? Ask them about the best project manager or doc writer they worked with. Are you worried that they aren’t serious enough about getting shit done at work? Talk about the worst incident they ever were part of, but not the technical parts, just how they made sure it got fixed. Are you worried that they aren’t a good team player? Ask about their best collaborations. Or how they organized work on a large project. Or the time that they took one for the team. If you think through how the last crop of yuppies pissed you off for a while and break it down into questions that they’d not have a good answer to, you should be able to make a nice set of behavioral screening questions and a set of attributes that you want the person to display in their answers.


  • IoT devices are, to be quite honest, a shitshow. Where your Sovol counts as such.

    Either the device needs to call upstream to get updates or it’s going to ship with a security bug that can be exploited. Or, in many cases, it’ll have an unpatched security vulnerability and it’ll call upstream to get updates.

    It costs money to keep the necessary cloud infrastructure in place, both in terms of hosting costs as well as devops time. Either they will eventually need to brick the device, leave it unpatched forever, charge you some maintenance fee, go bankrupt, or fund the whole thing by selling your data.

    It’s not hard to write a bot that would scan for signs of a Sovol printer, try the default SSH password, and do nefarious things. And people are generally really bad about the default SSH password regardless.

    There’s not really a good answer here for IoT devices. There’s not even a really great answer for home brew IoT devices with the thing where Home Assistant’s reverse-tunnel service had a nasty vulnerability that let you remote HA instances.

    Aaand… IPv6 is great. But unfortunately the way things are now means that giving everything on your network a publicly routable IPv6 address is a very bad idea.

    Klipper provides a lot of protections but all of that hinges on the microcontroller, so presumably an attacker can upload a substitute firmware using the update mechanism that would go full send on the heaters, which has the potential to actually melt some things.

    The problem is that if you want Klipper, you need a full Linux. This is not actually a problem for the Klipper devs, mind you, because they wrote a cool tool for people comfortable modding their printers and only BTT and Obico sponsor Klipper. This was a lot less of a problem when we were talking about Marlin printers. Except that if people weren’t using Klipper, it’s just too damn easy to write a two-piece controller software in the same fashion of Klipper and get the expediency of writing code in Linux instead of in an os-less microcontroller.

    tl;dr: there is no safe way to buy a printer with Klipper on it, it just looks like it works right now.
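
An added example, not part of the comment above: a self-check for the two exposure conditions it mentions on a Linux-based printer host, a publicly routable IPv6 address and an SSH daemon that still accepts passwords. The sample `ip -6 addr show` output and `sshd_config` text are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")

# Constructed sample of `ip -6 addr show` output. 2001:db8::/32 is the
# documentation prefix, standing in for an ISP-delegated prefix.
SAMPLE_IP_OUTPUT = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:db8:1234:1::50/64 scope global dynamic mngtmpaddr
    inet6 fd12:3456:789a:1::50/64 scope global
    inet6 fe80::1a2b:3cff:fe4d:5e6f/64 scope link
"""

# Constructed sshd_config: the hardening line is commented out.
SAMPLE_SSHD_CONFIG = """\
Port 22
#PasswordAuthentication no
PermitRootLogin yes
"""

def routable_ipv6(ip_output):
    """Addresses inside global unicast space. ULA (fd00::/8) is excluded
    even though `ip` also labels it 'scope global'."""
    addrs = re.findall(r"inet6\s+([0-9a-fA-F:]+)/\d+", ip_output)
    return [a for a in addrs if ipaddress.IPv6Address(a) in GLOBAL_UNICAST]

def password_auth_enabled(sshd_config):
    """Global PasswordAuthentication setting; sshd uses the first value it
    reads and defaults to 'yes'. Include files and Match blocks are ignored."""
    for raw in sshd_config.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if parts[0].lower() == "match":
            break
        if parts[0].lower() == "passwordauthentication" and len(parts) == 2:
            return parts[1].strip().lower() != "no"
    return True

def audit(ip_output, sshd_config):
    findings = [f"publicly routable IPv6 address: {a}" for a in routable_ipv6(ip_output)]
    if password_auth_enabled(sshd_config):
        findings.append("sshd accepts password logins")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_IP_OUTPUT, SAMPLE_SSHD_CONFIG):
        print("WARN:", finding)
```

A routable address is only reachable from outside if the router's firewall allows inbound traffic, so treat the first finding as a prompt to check that firewall rather than as proof of exposure.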