FTDI Reportedly Bricking Devices Using Competitors' Chips.

janoc writes It seems that chipmaker FTDI has started an outright war on cloners of their popular USB bridge chips. At first the clones stopped working with the official drivers, and now they are being intentionally bricked, rendering the device useless. The problem? These chips are incredibly popular and used in many consumer products. Are you sure yours doesn't contain a counterfeit one before you plug it in? Hackaday says, "It’s very hard to tell the difference between the real and fake versions by looking at the package, but a look at the silicon reveals vast differences. The new driver for the FT232 exploits these differences, reprogramming it so it won’t work with existing drivers. It’s a bold strategy to cut down on silicon counterfeiters on the part of FTDI. A reasonable company would go after the manufacturers of fake chips, not the consumers who are most likely unaware they have a fake chip." Update: 10/24 02:53 GMT by S : In a series of Twitter posts, FTDI has admitted to doing this.

In later news...

FTDI hit with class action lawsuit, goes bankrupt after angry consumer sue them out of existence.

What a bunch of fucktards....

Re: In later news...

Tortuous interference and trespass to chattels with an identifiable, numerous class with commonality of injury, and an easily identifiable tortfeasor acting with clearly malicious intent?

I hope no one is paying you to be their lawyer, since the suit practically writes itself.

Re:A hearty meh

>Brick a thousand shitty chips and things might change.

Yeah, I'll stop buying devices with genuine FTDI chips so I can avoid having to put FTDI malware on my system. That's what will happen.

Re:On the other hand...

[Wycliffe]

We're talking about a cheap usb bridge. I probably have dozens of devices that use a ftdi chip or a clone.
Many of these devices were bought on ebay for a couple bucks. Yeah, they were cheaply made, I knew
that when I bought them but they also worked when I bought them. I had no idea what chips were in them
or even how to check because I didn't care. It worked. Now here comes someone who is mad because
you bought a cheap knockoff and decides to break all the cheap knockoffs. I have a few cheap android
tablets too that may or may not have paid google rights to use android. I don't have any idea how to
even check. I wouldn't want google to make them not function after the fact. If you could do it early
somehow while the consumer still has a chance to back out of the transaction then I think it would be fine
but disabling devices months after the fact because you feel the clone/knockoff is unauthorized is wrong.
It would be like apple frying any non-apple chargers that you try to charge your iphone with.

Re:Is it legal to make code compatible alternative

[rgbscan]

My $3 generic eBay FTDI clone USB->Serial cable (that I bought to program my Baofeng radio via Chirp) came with no drivers and Windows pulled down the real FTDI driver. Over the summer, it only worked sporadically. Usually didn't work. Swapping out the cable for a $12 legit cable from Trendnet solved all issues. It isn't just that these chinese places are making a clone, it's that they are making a crappy sort-of compatible clone and passing it off as the real thing, and directing you to use the FTDI drivers. It totally makes FTDI look bad. I didn't find out until after researching with some guys from chirp that my cable was a knock off. I thought I was buying a supported chipset. Might not be legal or ethical, but I'm all for anything that stops these crappy chinese cloners in their tracks. I spent way too much time and hassle on a problem they caused.

Re:They are playing with fire

[Anonymous+Brave+Guy]

Their EULA could say that if you use their software with something other than a genuine FTDI component they may send a hit man round, but I doubt that would stand up too well in court either. If they think they're going to get away with deliberately breaking someone's gear because of some weasel words in the EULA, they need better lawyers. Or they needed better lawyers, I should say, because if the reporting of what's going on is accurate then by this point I suspect they're already in serious trouble even if they don't realise it yet.

Re:The good news

[nbauman]

You are running a driver/firmware update on a product which isn't theirs. Just like with a laptop if you run a BIOS update on the wrong product and it destroys your machine the vendor isn't responsible.

This is more like an admin who quits his job and wipes out the whole system before he goes.

Re:This is just wrong.

I own several fake FTDI chips (thanks DealExtreme for those $2 USB -> RS232 adapters). They do not have anything "FTDI" written on the chips (I opened them up to check). When using newer (but not these) windows drivers the chips are, however, detected as counterfeits and the FTDI driver throws an error, which seems like fair play. I have enough to test and see if this new driver rewrites the VID. Betcha it does.

Destroying this hardware that doesn't have their name on it, however, isn't fair play, especially when the driver is built into windows. Not like I went and downloaded it from FTDI on purpose.

Re:Is this legal?

[dgatwood]

One, the cloned FTDI subcomponents are in and of themselves essentially indefensible.

Not necessarily. It is not a crime to use the USB ID of a competing product. It is a violation of the rules set by the USB standards body, but if you are not a member of that organization and have no prior business relationship with them, you are under no legal obligation to comply with those rules. More to the point, reusing a USB ID is absolutely not the same thing as counterfeiting. As far as I know, no country in the entire world has a law that says that devices are counterfeit merely because they conform to another device's programming interface. For something to be counterfeit, it has to be designed and marketed as the real thing, with the intent to defraud the purchaser.

What this means is that if the outside of the packaging claims that the part was made by FTDI, then the counterfeits are indefensible. However, if they were sold as FTDI-compatible chips, then the chips are almost certainly not in violation of counterfeiting laws. And if there's no way for the software to know the difference between those two, and if even one single device that was sold legitimately as a clone gets bricked, then FTDI is committing the crime of destruction of property. And if their actions ends up destroying medical equipment, they could be charged with even more serious crimes, up to and including manslaughter.

The reality is that in this sort of cat-and-mouse game, nobody wins, because everybody loses. It is vital that the authorities in Scotland take immediate legal action against FTDI to ensure that other companies are not tempted to pull similar stunts in the future. Their actions are clearly indefensible criminal actions, and should be treated as such, regardless of who fired the first salvo or how much harm they believe they have suffered at the hands of the counterfeiters.

Re:do you even tinfoil, bro?

Humor aside... It honestly wouldn't surprise me if supply chain documentation is what lead to some of this... the Aerospace and Defense industries are very very picky about knowing exactly what they're getting (aircraft falling out of the sky due to counterfeit components would be bad...).

Re:Is this legal?

[amicusNYCL]

Um, no. They're intentionally modifying the device ID on the counterfeit chip so it will no longer work.

That sounds like a bug fix. They've found a piece of hardware which is identifying itself as the incorrect piece of hardware (which they know, because they know what the correct piece of hardware with that ID is). So, they just... fix the bug.

Why does Windows install model-specifc drivers?

[knorthern+knight]

One difference I've noticed between Windows and Linux...

* in Linux, plug in a USB key, or hard drive, or other USB device, and if you have the appropriate driver, "it just works". One USB "mass storage device" driver works for all USB keys and hard drives

* in Windows...
--- plug in a brand X USB key the first time, and Windws goes off onto the internet and installs a special driver
--- plug in a brand Y USB key the first time, and Windws goes off onto the internet and installs a special driver
--- plug in a brand Z USB key the first time, and Windws goes off onto the internet and installs a special driver

Come on guys, a USB key is a USB key, is a USB key. If it has some esoteric functionality, OK, otherwise don't clog up the registry and the hard drive with drivers for every USB key model that has ever been inserted into the machine..

I have a USRobotics USR5637 http://www.usr.com/en/products... USB CDC "56K" dialup modem for backup on the rare occasions my broadband goes down. It's a hardware modem that works in Windows, Mac, Linux, DOS, etc. Once I set up the kernel options in linux "it just works", without constantly downloading updates. WTF is Windows always updating?