Slashdot Mirror

← Back to Stories (view on slashdot.org)

FTDI Reportedly Bricking Devices Using Competitors' Chips.

Posted by Soulskill on from the playing-dirty dept.

janoc writes It seems that chipmaker FTDI has started an outright war on cloners of their popular USB bridge chips. At first the clones stopped working with the official drivers, and now they are being intentionally bricked, rendering the device useless. The problem? These chips are incredibly popular and used in many consumer products. Are you sure yours doesn't contain a counterfeit one before you plug it in? Hackaday says, "It’s very hard to tell the difference between the real and fake versions by looking at the package, but a look at the silicon reveals vast differences. The new driver for the FT232 exploits these differences, reprogramming it so it won’t work with existing drivers. It’s a bold strategy to cut down on silicon counterfeiters on the part of FTDI. A reasonable company would go after the manufacturers of fake chips, not the consumers who are most likely unaware they have a fake chip." Update: 10/24 02:53 GMT by S : In a series of Twitter posts, FTDI has admitted to doing this.

9 of 700 comments (clear)

  1. They are playing with fire by supersat · · Score: 5, Informative

    It looks like they are trying to hide behind their EULA, which says that "Use of the Software as a driver for a component that is not a Genuine FTDI Component MAY IRRETRIEVABLY DAMAGE THAT COMPONENT." But there are reports that this new driver is being delivered via Windows Update, which presumably doesn't show you this EULA.

    Microsoft would be wise to pull this update.

  2. Re:In later news... by Opportunist · · Score: 4, Informative

    Intentional and willful destruction of another person's property for the base reason that he didn't buy with you but with your competitor? I don't know about your country, but over here in socialist Europe we have consumer protection laws that deserve that name.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. Re:The good news by Anonymous Coward · · Score: 4, Informative

    The driver license explicitly says that fake chips will be bricked. Not very hard to prove intent in this case.

  4. Re:On the other hand... by Darinbob · · Score: 4, Informative

    Problem is that all of this stuff on USB is using vendor-specific protocols. FTDI is the most popular because it is the most popular. Thus you don't have to hunt down obscure drivers, it works on Macs and Linux and BSD, you can find source code to implement your own driver just about anywhere, and so forth. For something plugged into a Windows PC you don't care, you just use the CD that came in the box with the serial adapter, but it becomes a much bigger problem if you're using an alternative device for a machine that can't just accept a Windows driver or you're writing an embedded system that needs to talk to it.

    Overall it would be better if USB had just created a standard for this class of devices. Vendor specific drivers are a pain in the ass if you're not using Windows, and it's not just serial adapters, but things like ethernet adapters, printers, etc.

  5. Re:On the other hand... by wed128 · · Score: 5, Informative

    Overall it would be better if USB had just created a standard for this class of devices.

    You mean like the USB CDC standard? http://en.wikipedia.org/wiki/U...

  6. Re:In later news... by MozeeToby · · Score: 4, Informative

    For the vast majority of consumers, changing the PID to 0 is absolutely damaging the product. Product works one day, plug it into the computer with the new driver and it stops working. It's broken. Yes it can be fixed, but it's well beyond the comfort zone of the average consumer, which means they need to either pay someone to fix it, go begging for help, or buy a new one.

  7. Re:On the other hand... by Damarkus13 · · Score: 4, Informative

    No (since all they are doing on the counterfeit chips is rewritting the PID to 0, which is reversible) it's more like ripping the Gucci label off.

  8. Re:On the other hand... by sjames · · Score: 4, Informative

    I think you misunderstood "brick" here. By that, TFA does not mean that the driver returns an error and doesn't init the device. It means the driver detects the counterfeit and then takes a positive action to maliciously re-program the chip so that it no longer works at all even for the old driver or a third party driver.

    The initial report was plug device into Linux box, works fine. Plug into windows box with latest FTDI driver, no work. Plug back into the linux box, no work.

  9. Re:The good news by ChumpusRex2003 · · Score: 5, Informative
    Yes. A company called Supereal is selling enormous volumes of "FTDI" chips into the Chinese market. The chips are labelled with the FTDI name and logo and during the USB negotiation, they announce themselves using the FTDI vendor unique ID, in order to use the ubiquitous and flexible FTDI driver (rather than require any development work for their own driver).

    See http://zeptobars.ru/en/read/FT... for an example of a fake chip - labelled FTDI on the outside, but supereal on the silicon.

    The problem is that the fake chips are buggy and slow compared to the genuine article, causing headaches for USB peripheral designers and support and reputation headaches for FTDI. There is a huge market for USB UART chips, and it is quite competitive, but few of the products on the market are actually as reliable, fast and robust as you would expect them to be. The FTDI FT232RL is one of the best in terms of reliability and has the best drivers, while also providing some handy bonus functionality.

    It appears that FTDI have reverse engineered the fake chips and found that they can be reprogrammed. When their driver detects a fake chip, it uses the internal configuration commands to erase the EEPROM memory containing the Vendor Unique ID. With this EEPROM blanked, the chip is unable to complete the device detection process in the OS's USB stack.