kogden Posted October 22, 2014 Share Posted October 22, 2014 http://hardware.slashdot.org/story/14/10/22/185244/ftdi-reportedly-bricking-devices-using-competitors-chips Apparently, the new FTDI drivers pushed through updates will not just disable but PERMANENTLY BRICK counterfeit FTDI usb->serial chips. On purpose. This includes the FTDI FT232RL used on most SIO2PC adapters. Apparently, quite a few of the cheap breakout boards on ebay used counterfeit chips. They work just fine but DO NOT install the new driver or it won't work at all anymore without effort and a Linux box around. Even with the old driver. Here's a page on how to tell if you have a counterfeit chip: http://zeptobars.ru/en/read/FTDI-FT232RL-real-vs-fake-supereal Figured I'd warn folks, I have 2 FT232RL-based SIO2PC adapters. I got my breakout boards from Sparkfun though and they appear legit. --Kevin 1 Quote Link to comment Share on other sites More sharing options...
a8isa1 Posted October 22, 2014 Share Posted October 22, 2014 http://hardware.slashdot.org/story/14/10/22/185244/ftdi-reportedly-bricking-devices-using-competitors-chips Apparently, the new FTDI drivers pushed through updates will not just disable but PERMANENTLY BRICK counterfeit FTDI usb->serial chips. On purpose. This includes the FTDI FT232RL used on most SIO2PC adapters. Apparently, quite a few of the cheap breakout boards on ebay used counterfeit chips. They work just fine but DO NOT install the new driver or it won't work at all anymore without effort and a Linux box around. Even with the old driver. Here's a page on how to tell if you have a counterfeit chip: http://zeptobars.ru/en/read/FTDI-FT232RL-real-vs-fake-supereal Figured I'd warn folks, I have 2 FT232RL-based SIO2PC adapters. I got my breakout boards from Sparkfun though and they appear legit. --Kevin I wonder of there is a way to determine if our devices have real or fake chips without bricking them in the process. Quote Link to comment Share on other sites More sharing options...
kogden Posted October 22, 2014 Author Share Posted October 22, 2014 Supposedly a lot of the fakes have printed text, where real ones are laser etched. Not a perfect test though and I'm sure at least some of the fakes have laser etched text. If you brick it, you can fix it with a Linux box but if you use it with the new Windows drivers it'll kill it again. The breakout boards I got from SparkFun both have legit FTDI chips. The ones in most danger are probably the people that grabbed $3.00 boards shipped from China on eBay. Quote Link to comment Share on other sites More sharing options...
TheEditor Posted October 23, 2014 Share Posted October 23, 2014 Isn't this similar to a copy protection that was used some years ago that destroyed the first floppy of the disk set at the end if the installation? I believe that was ultimately found to be an illegal practice. If the vendor wants to protect their IP that is fine but malicious destruction of property will ultimately get them sued and would definitely make me think twice about doing business with the company. 2 Quote Link to comment Share on other sites More sharing options...
+wood_jl Posted October 23, 2014 Share Posted October 23, 2014 Man, this has the potential to cause BIG problems (and a backlash) for lots of people. Although I don't use it often, I'm now afraid to plug my SIO2PC into my Win7-up PC - maybe even a Vista machine. In just a really-quick scan of some of the pages and links sourced from those stories, it looked like people could still plug into Windows XP machines safely, because they're no longer updated and the offending software was distrubuted automatically through Windows Update. Quote Link to comment Share on other sites More sharing options...
TheEditor Posted October 23, 2014 Share Posted October 23, 2014 (edited) I have an Arduino, real one not the cheap ebay knockoff, and I am pretty sure it has the real FTDI on it but I am going to check when I get home tonight. I use it as an SIO2PC device and I am adding SIO2SD to it and investigating the addition of ethernet connectivity to get three functions in one device. If I find my Arduino is either using a counterfiet FTDI or it gets bricked you can be sure I will raise hell about it. Edited October 23, 2014 by TheEditor Quote Link to comment Share on other sites More sharing options...
kogden Posted October 23, 2014 Author Share Posted October 23, 2014 Man, this has the potential to cause BIG problems (and a backlash) for lots of people. Although I don't use it often, I'm now afraid to plug my SIO2PC into my Win7-up PC - maybe even a Vista machine. In just a really-quick scan of some of the pages and links sourced from those stories, it looked like people could still plug into Windows XP machines safely, because they're no longer updated and the offending software was distrubuted automatically through Windows Update. Unless you lose your copy of the old driver when you reload your PC and download the new one. Or if it ends up being plugged into a newer machine by accident. This is a problem all the way around. Ultimately, it's the device manufacturers fault for buying counterfeit IC's but it's still not right to "damage" people's equipment as revenge. What if counterfeit FT232 chips ended providing USB connectivity for control systems at a nuke plant for example? All the FT232RL breakout boards I bought from SparkFun are legit. This is really a shame because I actually like the FT232 series. Personally, I think FTDI should drop prices some and compete instead of just breaking people's equipment. The sad thing is that the counterfeit is actually a creative and original design, just driver and pin compatible with FTDI. Quote Link to comment Share on other sites More sharing options...
TheEditor Posted October 23, 2014 Share Posted October 23, 2014 "it's still not right to "damage" people's equipment as revenge" Therein lies the liability for FTDI. Imagine if, unknowningly, a lifesaving or life monitoring device purchased be a hospital contained a counterfeit chip. Most things run on Windows now and lets say the drivers gets updated and the device get bricked, someone dies from FTDI's actions. I am sure the judge will not look at them and say 'well you IP was at stake so we will just let you slide' the judge would allow any amount of damages requested against them to be awarded and FTDI would be no more, of their owe fault I might add. FTDI really needs to rethink what they are doing or hire someone who thinks beyond their three martini lunch. 3 Quote Link to comment Share on other sites More sharing options...
atari8warez Posted October 23, 2014 Share Posted October 23, 2014 http://hardware.slashdot.org/story/14/10/22/185244/ftdi-reportedly-bricking-devices-using-competitors-chips Apparently, the new FTDI drivers pushed through updates will not just disable but PERMANENTLY BRICK counterfeit FTDI usb->serial chips. On purpose. This includes the FTDI FT232RL used on most SIO2PC adapters. Apparently, quite a few of the cheap breakout boards on ebay used counterfeit chips. They work just fine but DO NOT install the new driver or it won't work at all anymore without effort and a Linux box around. Even with the old driver. Here's a page on how to tell if you have a counterfeit chip: http://zeptobars.ru/en/read/FTDI-FT232RL-real-vs-fake-supereal Figured I'd warn folks, I have 2 FT232RL-based SIO2PC adapters. I got my breakout boards from Sparkfun though and they appear legit. --Kevin Finally!.... I've been a victim of those fake chips and had to throw away 20. They simply didn't work properly at any speed. Well, when you get those chips for a buck each there's obviously something fishy.... lesson learned :-) Quote Link to comment Share on other sites More sharing options...
atari8warez Posted October 23, 2014 Share Posted October 23, 2014 (edited) Isn't this similar to a copy protection that was used some years ago that destroyed the first floppy of the disk set at the end if the installation? I believe that was ultimately found to be an illegal practice. If the vendor wants to protect their IP that is fine but malicious destruction of property will ultimately get them sued and would definitely make me think twice about doing business with the company. IP is not the point, a lot of those damn fakes don't work properly and FTDI has to deal with RMAs while these a**holes are ripping the benefits. Good for FTDI, I totally support it. Edited October 23, 2014 by atari8warez Quote Link to comment Share on other sites More sharing options...
atari8warez Posted October 23, 2014 Share Posted October 23, 2014 What if counterfeit FT232 chips ended providing USB connectivity for control systems at a nuke plant for example? I would move far far away from that nuke plant even without FTDI taking these measures, Those devices are not working properly and prone to failure, believe me I've experienced it first hand...cost me about 20 bucks and I now only shop from Digikey. Quote Link to comment Share on other sites More sharing options...
atari8warez Posted October 23, 2014 Share Posted October 23, 2014 (edited) Imagine if, unknowningly, a lifesaving or life monitoring device purchased be a hospital contained a counterfeit chip. I certainly hope those hospitals know better than buying $1 Chinese FTDI chips (when the real mccoy sells little over $4 a piece) to use in their life monitoring devices :-) Edited October 23, 2014 by atari8warez Quote Link to comment Share on other sites More sharing options...
kogden Posted October 23, 2014 Author Share Posted October 23, 2014 I certainly hope those hospitals know better than buying $1 Chinese FTDI chips (when the real mccoy sells little over $4 a piece) to use in their life monitoring devices :-) It's not the hospitals you have to worry about, it's the hardware manufacturers trying to save a buck and peddling equipment to most hospitals that's scary. I'm sure a lot of the $5 FT232RL breakout boards are legit. In quantities of 10,000+ I'm pretty sure the price would drop to $2-$3 per chip. Although really, if your new heart monitor design depends on a USB->RS232 adapter to talk to a PC, it may be time to redesign your gear. That's almost as bad as most payment terminals and cheap WinCE ATMs requiring a serial->ethernet box. It's not 1994 anymore. Personally, all I use these for is adding serial consoles to cheap consumer routers and SIO2PC adapters. I could probably easily do the same with a Prolific or CPC USB->RS232 chip. In fact, there's cheap breakout boards for them too in the sub-$5 range. At the end of the day, all this is going to do is cause consumer panic and cost FTDI money because people are afraid of counterfeits so they use a different chip. Quote Link to comment Share on other sites More sharing options...
Bryan Posted October 23, 2014 Share Posted October 23, 2014 I'm not sure what the law says in various countries, but... I can support making new drivers incompatible with fake hardware. The original vendor has no obligation to test their software with anything but real chips. If you fake chip doesn't work, then you got suckered and caveat emptor and all that. I can not support purposefully destroying someone else's property without due process. Is it fake? Yes. Was it illegal to manufacture? Yes. Is the buyer at fault? Probably not. This is like stealing from someone who unknowingly bought stolen goods. You might be able to make a moral justification, but all you've done is add another crime to the mix. It sucks that the devices are out there, but this is not an appropriate response. 3 Quote Link to comment Share on other sites More sharing options...
flashjazzcat Posted October 23, 2014 Share Posted October 23, 2014 It's a pretty vindictive response, but no doubt appealing to contrarians. 1 Quote Link to comment Share on other sites More sharing options...
kogden Posted October 23, 2014 Author Share Posted October 23, 2014 Basically, if it's a device made by someone other than FTDI and certainly not OWNED by FTDI, what right does FTDI have to break it? I can see having the driver reject the fakes but anything more than that is destruction of private property. 2 Quote Link to comment Share on other sites More sharing options...
Kyle22 Posted October 23, 2014 Share Posted October 23, 2014 In just a really-quick scan of some of the pages and links sourced from those stories, it looked like people could still plug into Windows XP machines safely, because they're no longer updated and the offending software was distrubuted automatically through Windows Update.Do you happen to know which KB number the update is? My Windows XP still updates, and I want to block that update. I'll also add the block to my XP 2019 program and to my install disc to prevent future issues. Quote Link to comment Share on other sites More sharing options...
+DrVenkman Posted October 24, 2014 Share Posted October 24, 2014 Ars Technica is on the story now too. http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/ 1 Quote Link to comment Share on other sites More sharing options...
BillC Posted October 24, 2014 Share Posted October 24, 2014 The new FTDI driver isn't destroying the counterfeit chips, it's reprogramming them so that they won't work with FTDI drivers.. It's not FTDIs responsibility to provide a driver for non FTDI chips, it's the responsibility of the chips manufacturer. They will still work with a driver that recognizes the reprogrammed value. If this driver is loaded then the device should be recognized/use it if the counterfeit chip is reprogrammed by the updated FTDI driver, although the virtual COM port# would probable change. Following is a link to a driver that is supposed to have been modified to work with disabled counterfeit FT232 chips. I found the link to the driver page in this thread: http://www.reddit.com/r/arduino/comments/2k0i7x/watch_that_windows_update_ftdi_drivers_are/clgviyl Modified FT232 driver available @: https://onedrive.live.com/?cid=86ef72597602dd78&id=86EF72597602DD78!271164&ithint=file,zip&authkey=!AIWwL-755E4FbwU 2 Quote Link to comment Share on other sites More sharing options...
Kyle22 Posted October 24, 2014 Share Posted October 24, 2014 Thanks for the info, but I need the KB number of the windows update that causes this problem. I have Googled it and found no answer yet. I want to prevent my Windows XP customers from getting this bad update. Quote Link to comment Share on other sites More sharing options...
Bryan Posted October 24, 2014 Share Posted October 24, 2014 (edited) The new FTDI driver isn't destroying the counterfeit chips, it's reprogramming them so that they won't work with FTDI drivers. It's still sabotage. The intent is the same; modify it so it's broken. They'd be better off opening a window informing you that you have a fake chip and/or not supporting it. Wait until something much more expensive than a serial dongle gets bricked by the update and watch the fallout. For the moment, MS has pulled the update. Edited October 24, 2014 by Bryan 2 Quote Link to comment Share on other sites More sharing options...
Kyle22 Posted October 24, 2014 Share Posted October 24, 2014 Yes, my thoughts exactly. Warn the user (who has no clue why this is happening), but DON'T BRICK THE DEVICE. It's not the users fault. Quote Link to comment Share on other sites More sharing options...
+wood_jl Posted October 24, 2014 Share Posted October 24, 2014 IP is not the point, a lot of those damn fakes don't work properly and FTDI has to deal with RMAs while these a**holes are ripping the benefits. Good for FTDI, I totally support it. How unsurprising, that you'd take this viewpoint. IP is **exactly** the point. If you don't think that FTDI had "IP" in mind when they concocted this fiasco, you're completely clules. IP is the point, consequnces be damned. The ENTIRE POINT is that - since everything comes from China anyway - it's poor practice to "brick." the device. Sure, it can be recovered (in some or most cases) by an extremely-small segment fo the population, but for most people, it's "bricked." An enormous number of consumers likely had no idea about this. Likewise, and enormous number of unscrupulous vendors likely used these "counterfit/repo/whatever) for their own Financial.Gain. If they hadn't, they'd better start studying. 3 Quote Link to comment Share on other sites More sharing options...
Bryan Posted October 24, 2014 Share Posted October 24, 2014 The real solution is to build some protection into your device from the get-go. Put some sleeper registers in there so at any time you can make your driver check for the real thing. Every time some Chinese factory produces a million fake devices, you simply make the new driver start checking for another buried feature. This will call attention to the unreliability of the fake chips immediately and is a much better idea than waiting until the market is flooded with them. Quote Link to comment Share on other sites More sharing options...
TheEditor Posted October 24, 2014 Share Posted October 24, 2014 (edited) "a lot of those damn fakes don't work properly and FTDI has to deal with RMAs" That seems like FTDI's issue really. If they are providing RMA's for products that are not of their manufacture then they are at fault for that not anyone else. If would be like Samsung taking an RMA for an iPhone. Most companies ask for proof of purchase on a return/RMA, no proof no RMA, pretty simple. Edited October 24, 2014 by TheEditor 2 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.