Bambu Lab's Bind: Company Stands By Its Position in Open Source License Fight
all3dp.com
Bambu Lab’s critics continue to line up to take shots at the company. Following the company's pressure to take an OrcaSlicer fork that restores the connection to its cloud service offline, attention has sharpened onto an alleged AGPL license violation that may have lived within Bambu Studio since its launch in 2022. Bambu Lab contests this.

Bambu Lab has signalled it views the reverse engineering effort as legally distinct from the open source debate. The company cites DMCA Section 1201 and WIPO Copyright Treaty Article 11 – which obliges signatory nations to provide legal remedies against circumvention of technical protection measures. “This is not a uniquely American legal concern,” the company says, “it reflects a broad international consensus on protecting secure systems.”

Also they apear to only check user agent in their so called authentication: https://github.com/jarczakpawel/OrcaSlicer-bambulab/blob/main/bambu_response.md

They are claiming copyright over an open source license due to their cloud authentication.

https://forum.bambulab.com/t/setting-the-record-straight-on-cloud-access-and-community

First and foremost, we fully support the open-source community and will continue contributing through Bambu Studio. We deeply respect the AGPL license. Modifying, forking, and redistributing code, as seen with OrcaSlicer and many other projects, is fully respected. We have no issue with this.

Also to be very clear: this is not about OrcaSlicer itself or any other legitimate forks.

The concern is specifically around a separate fork that attempts to impersonate an official Bambu Studio client in order to access our cloud services.

We have observed instances of this being shared publicly. Technically, this involves injecting falsified identity metadata into network communications so that an unofficial client appears identical to an official one to our servers.

This type of method introduces serious risk. If used maliciously, it can generate DDoS-like load patterns, overwhelming our cloud infrastructure and negatively impacting service stability for all users. We learned this before.

It is important to distinguish between rights to the code and access to the service. Open-source licensing governs the code, but it does not grant unlimited or deceptive access to Bambu’s private cloud infrastructure. Our cloud is a private service. Access to it is governed by a user agreement, not the AGPL license.

  • jmp242@sopuli.xyzEnglish
    1·
    5 days ago

    I don’t think that argument from Bambu is wrong though? Or I don’t know all the details. Are they suing the fork or just blocking it’s access? I would think they could just implement a token or credentials you have to supply to access their service like… any other web service?

    • themachinestops@lemmy.dbzer0.comOPEnglish
      2·
      5 days ago

      They are using an open source license. They threatened a developer to remove the code, most people believe that they want to lock the printers in the same way that HP does. They want you to pay a subscription. What they basically did form my understanding is take an open source code and add a cloud component to it, but they did not make that open source even though the open source license requires that all code be made open source

      It was built on top of PrusaSlicer, which itself came from Slic3r. Both predecessors carry the AGPLv3, and so does every derivative built from them. SFC looked at both the userspace software and the firmware running on Bambu’s devices and pointed out the violations.

      The first is about libbambu_networking, a networking library that ships with Bambu Studio across Linux, Windows, and macOS. It handles all communication between the slicer and Bambu’s cloud.

      Bambu has never made the source code for it available, despite AGPLv3 requiring that any code distributed alongside an AGPLv3 project be released under the same terms. SFC says Bambu’s own README has effectively sat with this admission for years now.

      The second violation comes from how Bambu handled Paweł Jarczak, a developer who built a fork of OrcaSlicer that could communicate with Bambu’s servers by studying the incomplete Bambu Studio source code.

      He did not touch the proprietary library at all. Bambu still contacted him, demanded removal, and stated a cease-and-desist letter had been prepared, arguing its terms of service take precedence over the license.

      You see the problem? The AGPLv3 explicitly says no one can place additional restrictions on the rights it grants. The SFC says going after Pawel the way Bambu did is itself a violation.

      https://itsfoss.com/news/bambu-lab-caught-violating-agplv3/

  • rainwall@piefed.socialEnglish
    38·
    14 days ago

    There is not a “broad, international consensus” on digital locks. This was strictly the US using its trade and soft power to bully other nations into ratifying DMCA-like treatises or risk losing easy trade.

    That’s all been blown up now due to Trump and his “tariff all the time” idiocy.

    Cory Doctorow has been pointing out very explicitly recently that with the threat of tariffs gone, that other counties should drop these stupid US prompted laws and instead encourage literal hackery in order to make home grown, billion dollar industries circumventing stupid bullshit:

    https://pluralistic.net/2026/01/29/post-american-canada/#ottawa