While the internet is up in arms over Bambu Lab threatening legal action against an indy OrcaSlicer developer, Josef Prusa once again warns of sheep in wolves' clothing. Prusa, the founder and CEO of Prusa Research and proponent of open source, has often noted that his company is the last Western manufacturer of desktop 3D printers still standing after China began subsidizing manufacturers within its borders.
Prusa recently took to X to explain how the competition has been violating his company’s slicer AGPL-3.0 license since day one, and how that violation is not just an open source issue, but a security issue. While many 3D printing enthusiasts are printing flexi dragons and shelf brackets rather than top secret files, the problem still exists.
First the Open Source Problem in 3D Printing Slicer Software
Prusa Research clearly states in Prusa Slicer’s start-up screen that it is based on Slic3r by Alessandro Ranellucci, despite years of improvement that have, like the Ship of Theseus, slowly replaced the code with improvements.
Anycubic, Bambu Lab, Creality, Elegoo, Flashforge, Snapmaker, and Sovol all have slicers resting on a foundation laid down by PrusaSlicer. The family tree is quite messy, with some slicers being more directly related to open-source OrcaSlicer, which is a fork of Bambu Studio, which is based on PrusaSlicer.
“BambuStudio has been violating the PrusaSlicer AGPL license since their fork, with the same networking binary black box in question today. Why are they willing to burn the goodwill over it?” Prusa said on X.
PrusaSlicer is licensed under AGPL-3.0, a strong “copyleft” license that allows users to use, copy, and expand on the original software. The only catch is that you must keep your new derivative open-source as well.
“You take from the community, you give back to the community. That's the social contract,” Prusa said. He said that Bambu’s fork of PrusaSlicer is fine, but the networking plugin is closed-source, which is in violation of AGPL-3.0.
Bambu’s defense is that the slicer and the network plugin are separate works, but Prusa said the argument falls apart in practice. “BS (Bambu Studio) cannot do its primary job without the plugin. The plugin cannot do anything without BS. They are not two products that happen to talk to each other, they are one product split across two files for PR license-laundering convenience,” he said. “Under AGPL, that's still a violation.”
Prusa’s point starts to crumble a bit at this point, because Bambu Studio can technically be used without the cloud if you set up the hardware in LAN mode or move files by hand using an SD card or USB stick. But the convenience of cloud printing is a major selling factor of Bambu Lab printers, to the point that many new users are so enamored by convenience, they never learn how to use the computer interface and simply send files from MakerWorld to their printer via the phone app over the cloud.
Prusa pointed out that you can not audit the network plugin like you can with Bambu Studio. It is downloaded from a CDN and can be replaced remotely upon launching your 3D printer.
Prusa Research considered legal action when they first discovered Bambu Lab on their network in 2021. At that time, Prusa Slicer had just introduced opt-in anonymous telemetry.
“We started seeing entries in our database labeled "BambuSlicer." We hadn't heard of BambuStudio yet. Their internal builds were accidentally configured to send telemetry to our servers instead of theirs, “ he said on X. “That's how we found out a fork existed, before they publicly launched.”
In the end, Prusa Research decided to leave its fledgling competitor alone, due to the difficulty in protecting software. Without a physical product to pass through customs, it would be impossible to force compliance.
“A license without a viable enforcement path is, in practice, a suggestion. So Bambu got away with it. The networking blob kept doing whatever it did. And many “we are sorry”s later we land here today - legal threats to a small developer opening their tiny black box,” he said.
And Now the Security Problem
Prusa went on to explain something many in the West are unaware of, which is the extent to which the Chinese government is intertwined in the business and industry of its citizens. This means that even if an individual from that nation had the best of intentions, they are still duty-bound to the laws of the state.
This might be a good time to remember the case of Naomi Wu, a Chinese tech reviewer and white hat hacker with a flamboyant style of dress who once gave her audience tours of daily Shenzhen life. At one point, she was the Chinese It Girl, with her face on the Creality CR-30, a belt printer she helped to develop.
She disappeared from the internet in 2023, shortly after trying to warn consumers of spyware in a Chinese keyboard app.
Ok for those of you that haven't figured it out I got my wings clipped and they weren't gentle about it- so there's not going to be much posting on social media anymore and only on very specific subjects. I can leave but Kaidi can't so we're just going to follow the new rules and…July 8, 2023
Prusa went on to explain a five-law framework China has built between 2017 and 2023 that requires citizens to not only assist in intelligence gathering, but also hand over the keys to all encryption to their government.
BambuStudio has been violating PrusaSlicer AGPL license since their fork, with the same networking binary black box in question today. Why are they willing to burn the goodwill over it?There's something most have sensed but never seen it all in one place, the five-law framework… https://t.co/xCoDJ7rd5j pic.twitter.com/VFCRmNOxXOMay 13, 2026
“Together they describe a system with no neutral exits. Cooperation is required, encryption is real, but the spare keys live at the ministry, jurisdiction follows the company across borders, industrial data is in scope, and discovered vulnerabilities flow to an intelligence agency,” Prusa explained.
After outlining the problem, Prusa goes on to fully color in the picture. He believes that the Chinese government is invested in the success of 3D printing because machines are used in the very offices and workshops where new ideas are created.
“Second, 3D printers concentrate at the places where new IP is created. R&D departments, prototype shops, defense suppliers, university labs, hardware startups. The machine sits next to the thing being invented. And the slicer sits on your computer with the same data and access you have,” Prusa said.
And it’s not just 3D printers. Prusa believes these values can extend to every industry, such as cameras, cars, and AI coding models.
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.
