[basilikum]

It's maddening that quite a few people are jumping to defend Bambu here.

Principally if you sell a device with a certain functionality and you later modify that device later to remove that functionality that is called theft. It does not matter the slightest bit whether you break into someone's house to physically alter the device or whether you remotely install a malicious software update to do that.

But what's even more insane here is that some people are claiming that BambooLabs would somehow have the right to do this, because while BambooLab might not have the right to limit the hardware they already sold (which they did and these people just pretend did not happen) they have the right to limit their printer client software under the license conditions they impose on it from the beginning, when their printer client is literally a modification of AGPL licensed software. The entire point of the GPL is to prevent people like BambooLabs from doing exactly this. The AGPL is literally the single license with the most restrictions on BambooLabs to ensure that the users of the software — the customers — do not have any restrictions in what they can do with it.

Some people are seeing this situation and just decide to side with the company against their customers on imposing restrictions on an already sold product after the sale and they are literally making shit up to justify it.

Edit: For people who do not know what this is about: Someone modified AGPL software to reenable features of these 3D printers that BambooLabs stole after the sale and BambooLabs sent a legal threat to them to stop distributing the software.

[p0w3n3d]

> later modify that device later to remove that functionality that is called theft.

I've always been told it's called business. But I fully agree with you. Just wanted to note that this is the current business model both with hardware and software

[MSFT_Edging]

This is why the fight/loss for open computing is so important.

Without the ability to run your own code, this will be everywhere and everything.

Without some counter force of open source pushing back and offering alternatives, we'll be putting tokens in a machine to check your email. Reading email will cost 4 tokens and you'll only be able to buy them in groups of 7.

[Gormo]

> I've always been told it's called business.

The "business" ended when the sale transaction concluded. The fact that you were the seller in that past transaction doesn't entitle you to vandalize goods that now belong to someone else.

This is just crime trying to disguise itself as legitimate business, as scams often do.

[dspillett]

> The "business" ended when the sale transaction concluded.

Actually not, though not in a way that makes the rest of your post incorrect.

Various laws and regulations state that the seller has responsibilities to the buyer after the initial transaction has completed, one of which Bambu might¹ be transgressing by removing features that people we lead to believe were part of the product, and could reasonably expect to remain part of the product, at the time of the sale.

--------

[1] This has not been tested in court, and I'm no lawyer, take my idea of what is the case with a requisite serving of condiment.

[p0w3n3d]

I've been treated this way numerous times. First example: FlightRadar - I bought the app, they sunsetted it and created "new one" with monthly payments

[basilikum]

Crime is unfortunately legal.

[account42]

At least when it's profitable for stockholders.

[vfvthunter]

So the C&D was stupid, and so is how their network works apparently.

Fundamentally, what Bambu are saying is that they have a right to restrict what software accesses their network. The C&D was allegedly sent to stop distribution of software that was written to access their network in an unauthorized fashion (Allegedly according to their ToS).

AGPL covers source code. It does not cover who can access what network with AGPL'ed software.

Thus Bambu - like it or not - have a right to limit what software accesses their cloud. You are still free to do whatever you want with Bambu's AGPL'ed software. But they don't have to let you on their network if they don't want to.

With that out of the way, sending a C&D is a pretty regarded way to accomplish this. The correct way would be to sniff out which clients are using 'real' Bambu Studio and which aren't. However according to Bambu, Pawel specifically modified BambuStudio (ya know, because they haven't violated the AGPL, because he is free to do that) to make it look like Studio.

I can only assume that actually locking down their network for real would require every Bambu printer to have a firmware update that would add some sort of signed encryption to access the cloud features. The C&D appears to be a shitty action prior to a huge undertaking.

I do wonder exactly how secure their super spendy "Enterprise" X1E printer could possibly be given how easily Pawel was able to make a fork work on their cloud.

As to your second paragraph about functionality and theft, 1) I can still print from Bambu's cloud with my Bambu printer so I don't think they've changed any functionality, and I can still use Orca in LAN mode. and 2) designed obsolescence exists.

I disagree with your assertion that because forks were able to access cloud functionality previously, that Bambu must maintain that functionality ad infinitum. My opinion would change if anyone showed me where previously they were promoting how any third party apps could access their cloud.

[wpm]

I think the really important part of this is that Pawel modified OrcaSlicer to look like BambuStudio by looking at the AGPL licensed source code of BambuStudio and copying it over.

And the function he copied over just set the UserAgent string to some hard coded values also available in the AGPL source code of BambuStudio. He didn't reverse engineer anything. Just went and looked at public code that's free to use for any purpose.

BambuLabs is probably just big mad that their "security" argument for their walled garden, weak as it was, just got publicly pantsed. I've never heard of a fucking dumber way of "securing" a service than a plaintext client-side assertion "I'm allowed to send you print jobs uwu :3"

The entire debacle is incredibly embarrassing for Bambu.

[tootie]

Yeah they're argument is based on saying that sniffing a user agent string is illegal reverse engineering. If they get the right 100 year old judge they might even succeed but it feels like a thoroughly lame argument to me.

[observationist]

Not even sniffing - no special action need be taken, simply looking at the code which they are legally obligated to provide is sufficient.

It's like putting up a sign that says "No trespassing, unless you know the secret code word, which is 'Stegosaurus'".

[ixwt]

According to the video about this by Louis Rossman, there wasn't even string sniffing. No changes were made in the code, the client ID was hard coded in, and was untouched by the author.

[SV_BubbleTime]

> never heard of a fucking dumber way of "securing" a service than a plaintext client-side assertion "I'm allowed to send you print jobs uwu :3"

Love it; but just wait, I bet Claude surprises you this year.

[basilikum]

I mean, client side secrets and user agent white listings aren't exactly uncommon.

[emilecantin]

> However according to Bambu, Pawel specifically modified Orca to make it look like BambuStudio

"Specifically modifying" as in "not even touching that part of the code in the fork"...

[basilikum]

> Thus Bambu - like it or not - have a right to limit what software accesses their cloud. You are still free to do whatever you want with Bambu's AGPL'ed software. But they don't have to let you on their network if they don't want to.

Even if we take this at face value, it is irrelevant to their legal threat. They demanded the author to stop distributing software. So no they do not respect your right to be "free to do whatever you want with Bambu's AGPL'ed software.

[vfvthunter]

I didn't say they respected anyone's rights.

They sent a C&D asking him to take the code down. He was and still is free to ignore that C&D. It's simply the easiest, laziest move on their part to get non-BambuStudio software off their cloud. I am sure they are working on software updates right now; their shitty, dickish C&D was simply the most expedient way to stop it.

I seriously doubt they would've taken him to court over it, and also doubt they'll sue this clout- and click-chasing Rossmann idiot either. But a C&D requires almost no effort.

Sending that lazy childish C&D still in no way violates the AGPL.

[therealpygon]

A lot of the things you are perpetuating are outright lies. Just FYI.

Figure I should explain:

Lie #1: “Access their network in an unauthorized fashion.”

The perfectly legal use of public AGPL code does not constitute “unauthorized access”. If they allow their AGPL product to connect, and publish that method of connection, they are not permitted to add additional restrictions on the use of said code. They are permitted to require additive code to be make itself appear unique — but that must follow the license and be part of the license as an addendum, not a retroactive afterthought.

Lie #2: Pawel “specifically modified” BambuStudio [sic.] to look like Studio.

A patently false and outright lie. Pawel used AGPL licensed code. End of story.

Assertion: “Bambu has the right to limit the software that connects to their network.”

Yes! They do! They don’t, however, get to publish the code to do so under AGPL and then claim no one else can use it. Copying and executing that code is an explicit right in AGPL. Bambu is not required to continue operating their cloud or allowing those connection. They absolutely have that right to refuse all connections and correct their mistake.

Bambu also absolutely had the right to keep their cloud access private and to provide a system library to handle the connection to their cloud without it being AGPL. That is literally the specific purpose of AGPL.

“A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.”

Bambu chose to open up access to their cloud when they published the connection method under AGPL code. They can shut down that service, issue a new firmware, and release their revised non-AGPL system library for Bambu Studio to use their cloud at any time.

What they don’t get to do, and why everyone is giving them the finger, is retroactively decide “whoopsie, I didn’t intend that” and then abuse laws to violate the license they agreed to.

Listen, you can believe what you like, but there is a reason Louis Rossman had no hesitation to host this code. That’s because anyone less afraid and with at least a little technical and legal knowledge probably would have just as high degree of certainty that Bambu will be paying their legal fees. (Louis has the added benefit of living in an Anti-SLAPP state…intentionally.)

[Onavo]

This is essentially the same as Signal. Signal foundation, despite their non-profit status, behaves like for profit entities and refuses to allow 3rd party forks of signal. If you fork and build the signal app, you better host the servers yourselves too.

[subscribed]

And yet, I'm using Molly, an independent Android fork of Signal.

Signal itself is released on AGPL-3.0: https://github.com/signalapp/Signal-Android so this is probably why Molly forked.

So not sure what are you talking about.

[amelius]

I always put printers (2d and 3d) behind a firewall so they cannot reach the internet. This prevents auto-updates and surprises like disappearing functionality.

[jamesnorden]

I've been bitten by an HP printer auto updating and my aftermarket ink suddenly not being acceptable. Never buying HP again after that.

[9cb14c1ec0]

I once updated my Epson, and it started rejecting aftermarket ink. Fortunately there is a way to downgrade the firmware.

Never buying a cartridge based inkjet printer again.

[bayindirh]

If you don't care about ink quality, then aftermarket ink is fine.

However, if you want your pictures to last 10+ years under the sun, or being able to read what you have printed after some time, getting the genuine ink is the way.

People think ink is simple. It is not.

Anybody thinking otherwise, some points of pondering:

     - Why Xerox and HP run their own toner/ink labs to formulate their own ink down to molecule level?
     - Look at your standard disposable pens. Gel, liquid, dye, pigment, alcohol/water/oil based, UV resistant or not... It's a hard chemical problem.
     - Similarly even something bland like fountain pen ink has hundreds of different formulations. Not colors, formulations. Washable to cellulose reactive and everything in between...

It's not dyed drinking water.

Lastly, I'm not against people using 3rd party ink at any level. I just want to point out that not every ink cartridge is created equal.

[dspillett]

> then aftermarket ink is fine

Then why don't they allow it, perhaps with warnings?

They don't block after market ink because of quality concerns, though they might claim so, they block it because they want to make more money from you themselves through ink sales. The common response here is “but they make a loss on selling the hardware!”, to which my response is “their bad pricing decision is not my problem”.

[abustamam]

My roomba had warning in its guide that third party accessories may not properly work with the device. I was like pshaw you're just nickel and diming me!

But indeed, the third party brush caused the robot to have all types of errors. Some third party parts did work, just not the brushes. I guess there's some sort of strict size tolerance and the third party ones were a bit too big or small.

But I had only myself to blame for that.

[bayindirh]

I agree that "making loss on the hardware and using ink to offset that" is a very bad business decision. I have an 10+ year old HP Deskjet 4515 Ink Advantage which had a high initial price but cheap refills (black ink is pigment, but color cartridge is dye, but is UV resistant if printed on good photo paper), and that thing never created any problems for me hardware or software wise.

I can still use any print I got from it even after a decade. Ink's that stable on these.

From my perspective, 3rd party ink or toner is a support nightmare, esp. if it's bottom of the barrel. Again, from my perspective you should be able to take the responsibility and use these if you really want, but any ink or toner related damage might be out of warranty then (HP's genuine cartridges come with their own guarantees).

So, I can speculate that makers both offset the price and don't want to handle support tickets related to 3rd party ink damage for lower end devices, and buyers of higher end models are either using 1st party ink, or fine with paying the repair costs if their 3rd party installations go haywire.

Also, it's possible that kits for higher end inkjet systems (large format/plotter systems) tend to be higher quality since these models cater to professional shops which needs high quality supplies.

Lastly, I talked with someone who said that they buy the cheapest paper and cheapest ink because the printouts are disposable for them, and I find that point entirely fair, too.

My main point was underlining the fact that ink is not something simple in formulation. I don't defend banning 3rd party ink, but just pointing out some facts. I believe everybody can carry out their own fafo procedure.

[smashed]

That does not mean I cannot use the ink I want in a tool that I own.

Yes, your ink might be better. Market it that way and make it known. No problem with that. But prevent me from using my tool using DRM and firmware updates? That is customer hostile.

[bayindirh]

We don't disagree. See my longer comment above.

[FatCat1979]

> However, if you want your pictures to last 10+ years under the sun

Ah yes, the standard usecase for a printer. putting pictures outside for a decade.

[bayindirh]

Printing a family picture on 4"x6" photo paper, framing it and putting in a living room exposes it to copious amount of UV light over a decade.

It's one of the exact reasons inkjet printers and blank, inkjet-compatible photo paper exists. HP was bundling them with their printers when I last opened mine.

[froglets]

Brother does the same thing. Eventually generic toner that does work with those updates comes out. I will say that genuine brand name toner cartridges seem to last longer than generics but there’s no difference in quality imo.

[fanatic2pope]

In the case of Bambu you'd want to do this to prevent surprises like your printer from randomly starting to print due to a "cloud error".

https://www.techradar.com/pro/did-your-3d-printer-start-prin...

[account42]

I refuse to even put them on a network - just direct USB to a host where I fully control the software.

[p0w3n3d]

that's what I had in my mind - I want to switch back to HP printer because the Brother I bought has inferior picture printing quality, but I am scared of any software update, so I guess I'll connect it to old linux machine and serve via CUPS

[chopin]

I just don't allow outbound connections for our HP printer.

[15155]

Which means the controversy in question would not apply to you whatsoever.

[Aurornis]

> It's maddening that quite a few people are jumping to defend Bambu here.

I haven’t read each of the hundreds of comments, but I haven’t seen anyone defending Bambu really.

What I have seen is a lot of comments trying to correct all of the bad information, which might look like defending Bambu labs to those who came into this thread not understanding what the problem was. Many of the angry comments think that this is a fork to enable LAN mode or remove a cloud requirement, but this is actually the opposite. It’s code to splice the Bambu cloud code from official Linux slicer into OrcaSlicer, which is a fork of the Bambu slicer.

This is allowed and should be defended. Bambu was wrong to try to threaten it because, as I understand it, this was a matter of merging some of their AGPL code into a fork of their AGPL code. Fair game.

I do think the angry mob of people who don’t own Bambu printers who have jumped on this issue is starting to become their own worst enemy, though. There are a lot of confused Bambu printer owners in this thread trying to understand what’s going on and getting the wrong explanations delivered by people who I would guess have no understanding of the situation other than being brought here by some YouTube videos that didn’t really explain the matter well either. There’s also apparent a foundation getting involved which has a vibecode AI slop website that doesn’t explain anything but it getting shared as an explanation, and this GitHub repo was also uploaded by someone who doesn’t understand git or GitHub because they uploaded a copy of the forked code as a single commit instead of keeping git history or introducing it as a real fork.

I suggest that this repo not be used by anyone because it’s not good practice to run a fork without verifying the provenance and checking the changes, which cannot be done when the repo is nothing more than an upload of a copy of some source with no link to the base repo and no history of changes. There are several other actual copies of the fork on GitHub and linked throughout this thread that would be better sources.

[rspeed]

Thank you! This is why I have a very mixed opinion of Louis Rossmann. His heart seems to be in the right place, but he provides extremely slanted view of reality.

[kube-system]

> Principally if you sell a device with a certain functionality and you later modify that device later to remove that functionality that is called theft.

Factually, it is not. Maybe you think it should be prohibited -- as I also do.

But the proper legalese here is likely a consumer protection regulation.

[bdcravens]

The issue isn't access to the printers, it's access to Bambu Lab's cloud.

[InTheArena]

That's not true - that's a canary that Bambu through out there to distract from the thing that they absolutely took steps to force everyone into their ecosystem (which just happens to only sell their product, and to monetize prints directly for them).

[navane]

Is this the reverse "you wouldn't download a car"?

[basilikum]

You wouldn't download [and print] a 3D printer.

[xyzal]

You are on a venture capital run forum. A lot of people here would approve of this business model, as long as it brings in monies ...

[divers1776]

Was it in the T&C's? I only ask because I feel like it fits the pattern of every tech company in the US to do this.

[dspillett]

> if you sell a device with a certain functionality and you later modify that device later to remove that functionality that is called theft.

It could be argued that it is not theft by various devious uses of legalise¹.

Personally I'd go with calling it, at best, deceptive sales practices (on the assumption that they knew they'd be moving this way long before they did), or possibly outright fraud if I'm in a less generous mood.

[FYI: Bambu A1 user for nearly two years, also have a Snapmaker U1, if I buy anything else it won't be Bambu unless their attitudes change. The A1/A1mini are still two of the best budget beginner printers IMO, though some clones come close, and I do recommend them if asked but with caveats around potential lock-in later and not believing promises due to a history of changed online posts, deliberately excluded from the WayBackMachine, and what to my understanding is an AGPL breach]

--------

[1] “There is a way to use the feature, so it isn't an attempt to permanently deprive”, or “you agreed to the possibility of such changes in the EULA”, and so on.

[basilikum]

The fact that theft is legal does not change the fact that it is theft. Crime is legal. That should not stop us from calling it out as crime.

[brookst]

Yeah I’m so tired of rhetorical games people play. It’s a shitty business practice, it is deceptive and possibly false advertising, it may be violation of a contract and / consumer production laws, but removal of a software feature is not “theft”.

And many of these same people probably (and rightfully) laughed at music and movie people casting piracy as “theft”.

[basilikum]

When you sell something and then after the sell you take away the very thing you sold — that you no longer own — from the person who now owns it, that is called theft. You are taking something away from someone that they own. Piracy is not theft because you do not take anything away from anyone, you copy it and do not pay for it, but the original is still there. No one lost anything.

It is irrelevant whether the thing or feature you took away is implemented in hardware or software. Notably it is often hardware functionality but the thief uses software to restrict it.

You could perhaps argue that another property crime might better describe it such as criminal mischief or in some cases fraud. But in any case it is a crime against someone else's property.

[cherioo]

Does it not depend on what the feature is?

Is it theft if a company stops supporting TLS 1.0 clients that were previously supported?

What about upgrading service to only support a new form of authentication, breaking some clients?

What if the new authentication can only be done by locked down official client?

What if the company never advertised support through third party clients?

[brookst]

Wait so if a third party took away a feature you use, would that be “theft”? Like if your ISP is down when you want to watch a movie?

It’s wrong for sure, but I’m vicariously embarrassed for those who want to define everything they don’t like as “terrorism” or “theft” or whatever, strictly because it sounds so dramatic and casts the wrongdoers as not just wrong, but evil.

It’s old, it’s tired, it doesn’t convince anyone.

Simple “failure to adhere to terms of sale” is sufficient, and doesn’t have the baggage of being false.

[FatCat1979]

There's a class of person who's so fundamentally incapable of ignoring authority figures that they'll defend even the most pathetic positions possible.

[lobo_tuerto]

Then maybe this video _explaining_ what this is really about is in order: https://www.youtube.com/watch?v=Td2OQpLD9ik

From Louis Rossmann himself.