TL;DR
Josef Prusa has publicly warned that Chinese 3D printing software, particularly Bambu Lab’s forks of PrusaSlicer, pose significant security risks due to license violations and potential government surveillance. The issue involves licensing breaches and concerns over Chinese government influence.
Josef Prusa, founder of Prusa Research, has publicly warned that Chinese 3D printing software, specifically Bambu Lab’s forks of PrusaSlicer, pose significant security risks due to license violations and potential government interference.
Prusa made these remarks via X (formerly Twitter), citing violations of the AGPL-3.0 open-source license by Bambu Lab, which has been using proprietary components in their slicer software. Prusa emphasized that the networking plugins in Bambu Studio are closed-source and integrated in a way that violates license terms, raising security concerns.
He explained that the Chinese government’s influence over local companies complicates enforcement, as Chinese laws require citizens and companies to assist in intelligence gathering and share encryption keys with the government. Prusa also pointed to the broader context of China’s five-law framework, which facilitates state surveillance and control over digital infrastructure, including software used in 3D printing.
Why It Matters
This development matters because it highlights potential security vulnerabilities in widely used 3D printing software originating from Chinese companies. The use of closed-source, license-violating plugins could enable remote access or data leaks, raising concerns for users handling sensitive or proprietary designs. Additionally, it underscores broader geopolitical risks associated with Chinese technology and the influence of government policies on open-source software and digital security.
3D Printing Projects
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background
Prusa Research has been vocal about the open-source nature of its slicer software, which is based on the AGPL-3.0 license, requiring derivative works to remain open. Bambu Lab, a Chinese company, has been accused of violating this license since their fork of PrusaSlicer emerged, particularly through proprietary networking components. Prusa’s warnings follow ongoing tensions over intellectual property and security concerns related to Chinese technology firms, compounded by China’s legislative framework that mandates cooperation with government surveillance efforts.
Historically, Chinese companies have been scrutinized for incorporating spyware or backdoors into hardware and software, often under government directives. The case of Naomi Wu, a Chinese tech reviewer, illustrates the broader context of surveillance and control in Chinese digital infrastructure, which Prusa references in his warning about security risks.
“The networking plugin in Bambu Studio is closed-source and integrated in a way that violates the AGPL-3.0 license, which raises serious security concerns.”
— Josef Prusa
“Chinese laws require companies and individuals to assist in intelligence gathering and share encryption keys, creating inherent security risks.”
— Prusa
Blender 3D Printing Essentials
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What Remains Unclear
It remains unclear to what extent Bambu Lab or other Chinese companies are aware of or intentionally exploiting these license violations for security purposes. The precise technical capabilities of the proprietary plugins and their potential for remote access or data exfiltration are still being investigated. Additionally, the full scope of government influence over these companies’ software development practices is not publicly confirmed.
3D Printer Tools Kit, 34pcs 3D Printer Accessories for All FDM/SLA Printers Includes Nozzle Cleaning, Removal Scrapers, Finishing Tools, 5 Types of Files,Brushes, Wire Cutter, Engraving Knife
【3D Printer Tools Expedite Your Workflow, 1-Year Warranty】Designed and Selected by a 15-Year 3D print enthusiasts team, this…
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What’s Next
Prusa Research plans to continue monitoring the situation and may pursue legal action if enforcement mechanisms improve. The community is awaiting further technical analysis of the software components involved. Regulatory and security agencies may also scrutinize these practices, potentially leading to increased oversight of Chinese 3D printing software.
VONETS VAP11G-300 WiFi Bridge 2.4GHz WiFi to Ethernet Convert/WiFi Repeater/Point to Point with RJ45 Male DC/USB Powered for PLC IP Camera Printer Medical Devices Network Devices
【2.4GHz WiFi Bridge/Repeater】Industrial 2.4GHz Mini WiFi Bridge/Repeater, can achieve WiFi to Wired or Wired to WiFi function(Ethernet to…
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
What specific security risks does Bambu Lab’s software pose?
Potential risks include remote access to printers, data leaks, and unauthorized control over printing operations due to proprietary, closed-source plugins integrated with the software.
How does Chinese law influence these software practices?
Chinese laws require companies to cooperate with government intelligence efforts, including sharing encryption keys, which can introduce security vulnerabilities and surveillance risks.
Can Bambu Lab’s software be used securely without the network plugin?
Yes, it can be used in LAN mode or with manual file transfer methods, but the convenience of cloud printing is compromised, and the security concerns remain due to the proprietary components.
What are the legal implications of license violations in open source software?
Violations of licenses like the AGPL-3.0 can lead to legal action, but enforcement depends on the ability to monitor and enforce compliance, which is challenging across jurisdictions.
