Slashdot Mirror
FTDI Reportedly Bricking Devices Using Competitors' Chips.
janoc writes It seems that chipmaker FTDI has started an outright war on cloners of their popular USB bridge chips. At first the clones stopped working with the official drivers, and now they are being intentionally bricked, rendering the device useless. The problem? These chips are incredibly popular and used in many consumer products. Are you sure yours doesn't contain a counterfeit one before you plug it in? Hackaday says, "It’s very hard to tell the difference between the real and fake versions by looking at the package, but a look at the silicon reveals vast differences. The new driver for the FT232 exploits these differences, reprogramming it so it won’t work with existing drivers. It’s a bold strategy to cut down on silicon counterfeiters on the part of FTDI. A reasonable company would go after the manufacturers of fake chips, not the consumers who are most likely unaware they have a fake chip."
Update: 10/24 02:53 GMT by S : In a series of Twitter posts, FTDI has admitted to doing this.
It looks like they are trying to hide behind their EULA, which says that "Use of the Software as a driver for a component that is not a Genuine FTDI Component MAY IRRETRIEVABLY DAMAGE THAT COMPONENT." But there are reports that this new driver is being delivered via Windows Update, which presumably doesn't show you this EULA.
Microsoft would be wise to pull this update.
Intentional and willful destruction of another person's property for the base reason that he didn't buy with you but with your competitor? I don't know about your country, but over here in socialist Europe we have consumer protection laws that deserve that name.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Unless the non-FTDI chips are using some patented technology without permission, or are using FTDI trademark, they are doing no wrong. Second-sourcing of integrated circuits has been going on for at least 45 years, and it's completely legal. The fact that their silicon looks completely different indicates that the copiers are not violating copyright as far as the chip is concerned. Unless I'm missing something, FTDI is engaging in willful destruction of private property and should suffer immense fines.
Contribute to civilization: ari.aynrand.org/donate
Are there alternatives to this tech? I would happily buy from a competitor if one is available and boycott a company who would fuck over consumers like this. Is there even a way to choose or tell the difference between fakes or competitor products?
Where are they used? Who uses them? What alternatives are there?
Some people say they're going to "avoid FTDI chips in the future". Good luck with that because FTDI makes the most reliable Serial-to-USB ICs on the planet. Going with anything else is just asking for trouble.
Get free satoshi (Bitcoin) and Dogecoins
The driver license explicitly says that fake chips will be bricked. Not very hard to prove intent in this case.
Problem is that all of this stuff on USB is using vendor-specific protocols. FTDI is the most popular because it is the most popular. Thus you don't have to hunt down obscure drivers, it works on Macs and Linux and BSD, you can find source code to implement your own driver just about anywhere, and so forth. For something plugged into a Windows PC you don't care, you just use the CD that came in the box with the serial adapter, but it becomes a much bigger problem if you're using an alternative device for a machine that can't just accept a Windows driver or you're writing an embedded system that needs to talk to it.
Overall it would be better if USB had just created a standard for this class of devices. Vendor specific drivers are a pain in the ass if you're not using Windows, and it's not just serial adapters, but things like ethernet adapters, printers, etc.
Intentional and willful destruction of another person's property for the base reason that he didn't buy with you but with your competitor? I don't know about your country, but over here in socialist Europe we have consumer protection laws that deserve that name.
I would say that modifying the PID on the chip is pretty far from "intentional and willful destruction." From one of the comments in the support board posting masquerading as TFA:
And
While it is rather underhanded, had FTDI done this the *correct* way and just interrogated the chip and refused to work with a fake, this would be a non-story. At the same time, just modifying the PID is far from "destroying" the device. If FTDI's driver did something that actually did damage to the hardware, I might be more sympathetic. That's not to say that I think FTDI did the right thing, just that the did not actually damage or "brick" anything. The device isn't broken, it just needs to have its PID reset. Once that happens (and I guess that's what FTDI was trying to do), the end user will be painfully aware that they have a counterfeit chip.
As I said, poorly executed and likely to cause some backlash, but no hardware is damaged or destroyed. Unless you're an idiot.
No, no, you're not thinking; you're just being logical. --Niels Bohr
Overall it would be better if USB had just created a standard for this class of devices.
You mean like the USB CDC standard? http://en.wikipedia.org/wiki/U...
For the vast majority of consumers, changing the PID to 0 is absolutely damaging the product. Product works one day, plug it into the computer with the new driver and it stops working. It's broken. Yes it can be fixed, but it's well beyond the comfort zone of the average consumer, which means they need to either pay someone to fix it, go begging for help, or buy a new one.
I've had issues with many non-FTDI USB to serial adapters but the real FTDI ones have been rock solid. I pushed for integrating a quad FTDI USB to serial chip into one of our products since the FTDI chip can also do i2c and JTAG. I'm sure a knock-off chip would have a lot of problems. I've had the FTDI serial chip reliably running at 10Mbps.
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
No (since all they are doing on the counterfeit chips is rewritting the PID to 0, which is reversible) it's more like ripping the Gucci label off.
I think you misunderstood "brick" here. By that, TFA does not mean that the driver returns an error and doesn't init the device. It means the driver detects the counterfeit and then takes a positive action to maliciously re-program the chip so that it no longer works at all even for the old driver or a third party driver.
The initial report was plug device into Linux box, works fine. Plug into windows box with latest FTDI driver, no work. Plug back into the linux box, no work.
See http://zeptobars.ru/en/read/FT... for an example of a fake chip - labelled FTDI on the outside, but supereal on the silicon.
The problem is that the fake chips are buggy and slow compared to the genuine article, causing headaches for USB peripheral designers and support and reputation headaches for FTDI. There is a huge market for USB UART chips, and it is quite competitive, but few of the products on the market are actually as reliable, fast and robust as you would expect them to be. The FTDI FT232RL is one of the best in terms of reliability and has the best drivers, while also providing some handy bonus functionality.
It appears that FTDI have reverse engineered the fake chips and found that they can be reprogrammed. When their driver detects a fake chip, it uses the internal configuration commands to erase the EEPROM memory containing the Vendor Unique ID. With this EEPROM blanked, the chip is unable to complete the device detection process in the OS's USB stack.