Bambu Lab has signalled it views the reverse engineering effort as legally distinct from the open source debate. The company cites DMCA Section 1201 and WIPO Copyright Treaty Article 11 – which obliges signatory nations to provide legal remedies against circumvention of technical protection measures. “This is not a uniquely American legal concern,” the company says, “it reflects a broad international consensus on protecting secure systems.”
Also they apear to only check user agent in their so called authentication: https://github.com/jarczakpawel/OrcaSlicer-bambulab/blob/main/bambu_response.md
They are claiming copyright over an open source license due to their cloud authentication.
https://forum.bambulab.com/t/setting-the-record-straight-on-cloud-access-and-community
First and foremost, we fully support the open-source community and will continue contributing through Bambu Studio. We deeply respect the AGPL license. Modifying, forking, and redistributing code, as seen with OrcaSlicer and many other projects, is fully respected. We have no issue with this.
Also to be very clear: this is not about OrcaSlicer itself or any other legitimate forks.
The concern is specifically around a separate fork that attempts to impersonate an official Bambu Studio client in order to access our cloud services.
We have observed instances of this being shared publicly. Technically, this involves injecting falsified identity metadata into network communications so that an unofficial client appears identical to an official one to our servers.
This type of method introduces serious risk. If used maliciously, it can generate DDoS-like load patterns, overwhelming our cloud infrastructure and negatively impacting service stability for all users. We learned this before.
It is important to distinguish between rights to the code and access to the service. Open-source licensing governs the code, but it does not grant unlimited or deceptive access to Bambu’s private cloud infrastructure. Our cloud is a private service. Access to it is governed by a user agreement, not the AGPL license.