The llm found the file that was encrypted with an older password that the guy could remember. The llm didnt decrypt anything or find a vulnrability, it just found an older fill the guy could unlock and he gained access to his bitcoin wallet that way.
Ahh you see you are falling back on those outdated human skills of “critical thinking” and “logic” where we are using the superiour more modern way of “asking AI” and a $3500 toaster over priced unitasker
“Want to cook the perfect steak in 90seconds or less? Imposible, you say! Preposturios, you say! Well with the power of AI it is now a reality!”
Of course you just spent $3500 on a perfecta grill so you’ll probably have a tough time buying steak now
But how the slicer connects to their propriatry cloud service is under the AGPL. That is the part that has been copied.
Due to the original Slic3r software being AGPL and Bambu studio being a copy of Slic3r it is also under the AGPL.
So Jarczak has only copied code that is under the AGPL. As mentioned in the article, the only bit of security bambu had was a name in the commands sent saying that the command came from Bambu Studio, it wasent encrypted, it wasent locked down it is right there in the code.
Now, Bambu could change their security to have a proper auth handshake with the cloud services, that would lock this method off because it wouldnt matter if the code is out in the open for all to see, you would still need to log in. But Bambu didnt do this, they just tried to legally gag someone instead.
That is why people are up in arms.