My guess is that FTDI doesn't test their drivers with cloned chips and this is a bug of some sort. Deliberately bricking a device won't help FTDI because consumers won't know the root cause, and cannot verify the authenticity of the chip even if they knew. So the failure looks random.
My guess is that FTDI doesn't test their drivers with cloned chips and this is a bug of some sort. Deliberately bricking a device won't help FTDI because consumers won't know the root cause, and cannot verify the authenticity of the chip even if they knew. So the failure looks random.
FTDI do not explicitly admit they deliberately damage user equipment, and impact user cash flows here, but it starts to look less accidental.
A loss of income lawsuit may soon sharpen their focus ?
Smarter would have been to quietly reduce performance and a message, and then some PR about inferiour clones...
That way, there is no 'drop dead' at some remote customer site, and they get a point across.
I liked the FTDI reply "If you have ideas we'd be interested to hear more." after a raft of ideas that said theirs was a bad idea. Obviously they're not interested.
I understand protecting IP and market, but it would be better to display a warning message the user has to dismiss than disable hardware that had been working. The user can then contact their hardware vendor for a replacement or firmware update.
It's a sure bet FTDI's legal counsel was not aware of this move, or they would have convinced management to use a different approach. If a counterfeit chip is used in a mission critical device, or especially a medical product such as a ventilator, and the product fails, FTDI will be pulled into the lawsuit. Guaranteed. Their action will be construed as malicious.
1. Makes you weary of using FTDI chips any more.
2. Agreed. I bet their action would be construed malicious.
3. Users affected will blame FTDI. They probably won't even know their chip is a fake, just that an FTDI branded chip failed.
What would happen in MS bricked your HDD because they found unlicensed software on your PC? There would be plenty inline to sue MS for malicious damage.
Actually there are probably some legal precedents that could be used.
Obviously one is the user who is deprived of using their PC due to the probably malicious FTDI code, and the consequential damages.
Back in the early 90s MS was negotiation with a company to use their data compression in the upcoming MSDOS6 release. Negotiations stalled and MS decided to ship compression anyway. The company later sued MS for using its compression code. To do this, they needed to decode MS's software. This was/is illegal (as define by the court case).
The result was the company was awarded something like ~$110M and MS was awarded ~$15M for the company reverse engineering their code to prove MS violated their code.
No doubt this case has set a couple of precedents here!
Looking at the above case (and I am not a lawyer) I would think FTDI could claim ~$1-2 from the user for using a fake chip whereas the user could claim malicious damage and consequential loss. Consequential loss could potentially run into $Ms, less of course the ~$1-2.
It all comes down to what FTDI "knew, or should have known." That's how the end-user lawsuits will play out. FTDI will be hard pressed to convince a jury that it had no idea some USB-connected device used in a life-saving product could be impacted. They would have to assume something like this is possible.
Courts generally allow only the least intrusive remedy; beyond that the cure is more actionable. Apparently FTDI is banking on the implied consent of their intentionally malicious damage by the use of new wording in their EULA. I think they're in for an unpleasant surprise. Let's hope all the cloned chips are only used in hobby DIY boards, where it's mainly an inconvenience, and not any commercial products people trust in for their lives.
FTDI may have also irretrievably damaged their relationship with Microsoft as a trusted third-party driver supplier. Microsoft is unlikely to want to be a party to the automatic distribution of updates that have been engineered to intentionally cause permanent damage to their users systems, regardless of a EULA "permitting" it.
Oh please stop with the sanctimonious whining. Look it's only going to hammer those sleazy vendors who ordered these clones from China because they could get them super cheap.
If people should sue anyone it's these vendors using these phony FTDI chips. These vendors know who they are and ought to owe up instead considering suing FTDI for their own collective, greed based bungling.
Look, why should FTDI be responsible to make sure a bunch of badly done knock-offs of their products should work with their software? Really guys. This is really, really twisted.
Consumers don't buy FTDI chips. They buy devices that they expect to work. The vast majority of them have no idea what chips are actually used inside the products they buy. This is a highly irresponsible action on FTDI's part.
I see no problem with a driver refusing to install or work with a counterfeit chip, but to disable the device using that chip is going too far and probably illegal no matter whether it's in some EULA or not.
There is a serious reading and ethics comprehension issue with the hacking community. For some twisted reason most of you think that a semiconductor house like FTDI is responsible FOR ALL Chinese knock-off's of their IP irregardless how these thieves implement it.
They are not, they are responsible for THEIR products, not a illegal copy who pretend to be FTDI.
If a board stops working because of this, the customer should go to the vendor, tear them a new rear end for using junk and then demand their money back. Given the level of whining I bet more than a few board peddlers have their knickers in a twist over this.
Look, here's what reputable vendors do: They DON'T source parts through questionable sources. If a BOM says use a FTDI chip you go to Mouser, Digikey. Not through Alibaba or some sleazy Chinese firm. Remember what happened when Sparkfun tried that? They got burned big time and they deserved it.
I always wondered what it meant when an argument is started with "Look,...". Does that imply that it is more correct than those that don't?
Anyway. It has happened that reputable vendors sourcing stuff through reputable suppliers have been burned by fakes. Turns out the supply chains are so complex that the rogue guys can always find a way in.
The question here is: Does the new FTDI driver accidentally, just happen, to not work with clone chips? Because, after all FTDI cannot know what those clone chips do.
Or, does the new FTDI driver deliberately brick my machine because I somehow have a fake chip?
No one is saying that FTDI shouldn't protect their IP. They should be. However it is the extremely underhanded (and in my opinion sort of sleazy) way they went about it. Especially since it was pushed down as a "Windows Update" that most people would expect to be something to fix an exploit in Windows itself or a bug fix for a driver.
If they would have just identified the counterfeit chip and as a result pop up a warning and refuse to let the driver work with the fake that would accomplish the same thing. Effectively disable the use of that device and inform the user that they are not using a real FTDI chip. However, they decided to try and take a step further to "BRICK" the offending device. That crosses a line that will and should cause some backlash against FTDI. Instead of gathering sympathy and support they have ****** off a LOT of people with their methods and in the end it will probably damage the FTDI reputation. It has in my eyes. That is sad since I do think they made the best USB to Serial adatper chips but if this is the kind of stunt they will pull then I will look for alternatives myself. The way they did it really punishes the users who may have thought they had a real FTDI chip. Really, a warning would have been the correct response.
I guess the Arduino board designers did well when they decided to drop FTDI and just use a different USB chip on their boards. Those won't be affected by this poorly thought out update by FTDI.
Why, in almost every thread I've read on this, does somebody try to make it look like just a tiny group of "hackers" or "makers" getting upset? It's way bigger than that. These chips are used in a lot more places than just arduinos or Propeller boards and such, and even the U.S. government has had problems with counterfeit chips.
FTDI is trying to make the end user responsible for the whole supply chain. Why would any company believe this is a good idea or even possible? And bricking a device during a driver install is either totally inept programming or a purely malicious action. I know what I think it is.
I checked all of my FTDI devices. They are all working with Windows7. After reading about this on multiple sites, I think that if FTDI wrote this new driver
with an intent to also brick the fakes they are in trouble. Thanks Parallax. All of my stuff is ok.
Look (hehe), whether you want to place blame at FTDI's feet, makers of boards, parts agents, contract manufacturers, importers, the Chinese, or whoever, it was a bonehead idea for FTDI, because now its owner has -- if he doesn't reverse course soon -- placed his company at serious risk of litigation from many parties. And for what? Pointing a target on your back and inviting damage suits from a world of trial attorneys is never smart. Their trick of using EULA language to disavow an intentional act of sabotage has never, to my knowledge, been tested in court. Even if they prevail -- doubtful -- they'll go broke defending themselves.
I don't think I have a board with a cloned FTDI chip, but that's not the point. Seeing what was a respected company face the possibility of crash and burn gives no joy. It's a shake-your-head day, for sure. Why would someone risk trashing their business in this way?
The real truism of life is you can't escape death, taxes, and lawyers. Dart forgot the last one.
It's all fun and games until some life saving device fails because of this... Start counting Windows computers and connecting devices on your next trip to the ER.. Nervious yet?
Microsoft has been playing fast and loose with Windows updates, so I'm happy to pull them in as part of the fault for this. Just when was "Bing Bar" considered a Windows Update?
Make your driver fail to work with the clones. Rendering a piece of hardware I own useless is crossing the line...
You take your car to the dealership and they discover that you've put aftermarket brake pads on, so while they are sevicing your car, they disable the brake system....
Look, why should FTDI be responsible to make sure a bunch of badly done knock-offs of their products should work with their software? Really guys. This is really, really twisted.
You rather miss the point.
FTDI should offer no warranty on others USB parts, but neither should FTDI intentionally/maliciously damage goods a customer may have purchased in good faith.
A USB driver is a passive software layer, software that morphs into a hunt and destroy device re-programmer, is no longer 'a USB driver'.
There is no warning, no recovery path offered, just *BANG* - and it seems even there, no explanation that they just rendered your wigit inoperable on any PC.
Seriously annoyed customers will be motivated enough to give money to lawyers over this.
Their wording even seems to say this could damage non counterfeit devices ?!
.... and in the end it will probably damage the FTDI reputation.
It has in my eyes.
That is sad since I do think they made the best USB to Serial adatper chips but if this is the kind of stunt they will pull then I will look for alternatives myself. The way they did it really punishes the users who may have thought they had a real FTDI chip. Really, a warning would have been the correct response.
I guess the Arduino board designers did well when they decided to drop FTDI and just use a different USB chip on their boards. Those won't be affected by this poorly thought out update by FTDI.
We shifted from FTDI to SiLabs, mainly because SiLabs had a Dual UART version for similar price.
FTDI are still the main game in town for High Speed USB.
Out of curiosity, what products (other than dev/hacker/DIY type products) do people own that use FTDI drivers? The only items in my house using FTDI chips are from Parallax or Sparkfun. All other products utilize true USB drivers for the device itself or work through methods like mass storage devices. (camcorders, MP3 players, GPS)
What "professional" products do you have that communicate to a Windows PC using a FTDI based serial port?
What "professional" products do you have that communicate to a Windows PC using a FTDI based serial port?
There must be at least some for all the hue and cry about the clones. If it were just the hobby market, that's an insignificant segment for the effort and risk. Easier to target the counterfeits at the customs level, and write C&Ds to some of the known infringers. All it takes is a few well publicized actions to get others in line.
I'd think most products would be microcontroller based, often custom design, possibly from both military and commercial vendors. That could mean anything from automotive analyzers, home care and hospice products, electronics bench tools (e.g. scopes and logic probes), testers used in aviation (private, commercial, and defense), custom alarm systems, programmable mobility devices, and so on. Sony probably wouldn't use one, but a defense contractor selling a product to the military might. As could specialized health care products sold to nursing homes, hospitals, and doctors. What might a home dialysis machine have in it for connecting to a PC? Who knows for sure, but if it's a cloned FTDI chip, someone is going to be in a world of hurt (to quote Jesse Ventura).
Depending on how and where their products were manufactured, not all of these makers would be in a position to know if their products contained non-genuine parts. USB is often treated as something of a dark science best left to others. That's why FTDI is even in business to begin with.
When this story broke I tried to find a list on FTDI's site of third-party products, and couldn't find one. That's understandable, as that list would only benefit their competitors.
I have some FTDI USB to serial adapter cables that I now can't risk plugging in until this is resolved. Until a tool comes out to "Test" and confirm if it is a real FTDI chip there is no way for most end users to know. They may be fine or not. I expect that most if not all will be ok but the problem is that now I can't trust or plug anything in with an FTDI chipset as long as their hostile version of the driver may be in place.
In many other USB devices I haven't checked to see what kind or chipset they use. So any ones we don't know specifically will be safe can now not be used for fear of turning it into a brick. It could be fine but at this point anything that says FTDI on the chipset may be suspect and could be bricked.
I guess I can start plugging each device into my Raspberry Pi and then have it look up the chipset to see if it is non-FTDI then it would be safe to use. Otherwise it may be at risk.
I'd say that FTDI just trashed their own brand with this smooth move and just did a lot of damage to itself. It's a mess.
Any software purposely written to brick hardware is MALWARE and should be treated as such.
According to and update on this site It appears that Microsoft may have gotten wind of this and pulled the hostile driver.....
FTDI buys a VID/PID for the devices they produce. They produce a driver and pay MS to get it certified for Windows Update. They pay Apple some money to do the same. They even produce a driver for Linux and other OSes and spend time and money to get the drivers installed on standard distributions and loaded on demand..
All on their expenses. They do not do that because they are philanthropic, they do that to sell their hardware. To make it easy for users now not in need to install some driver.
I bet that FTDI is spending more money on driver development and license fees and certifications and whatever per year as any 3 of all of us earn together in the same year.
The new driver removes the VID/PID from the device after finding out it is not a device made by FTDI and using this VID/PID pair claiming it is. A VID paid for by FTDI just for the reason to identify their hardware.
That is the only reason that VID exists at all.
So what is the problem here?
People are claiming that the Volkswagen Bus with Mercedes Stars they bought is not really a Mercedes and the Mercedes Breaks don't fit? Or if they fit don't brake good enough?
Mercedes de-badgeing their Volkswagen?
FTDI is owning that VID and remove it from things not produced by them.
What is wrong with that?
They are not destroying any hardware. They just de-badge it. Ripping of the label stating it is a FTDI product. Because it is not.
Seems Microsoft have 'gotten things together here', and their legal risk/exposure take is not quite the same as yours ?
["Update: Microsoft has given us a statement:
Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update."]
Seems Microsoft have 'gotten things together here', and their legal risk/exposure take is not quite the same as yours ?
["Update: Microsoft has given us a statement:
Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update."]
well @jmg
what I think is right or wrong is my personal decision. It may or may not be coherent with law or what layers are able to do with law. It is just the way to think about stuff my parents implanted in my brain thru examples and education. Name it morals and values if you need a label for it.
So my post was in no way intended to be a legal advice at all.
Just my personal opinion about this.
I just think that FTDI has the right to do this by removing the VID/PID from the device because it is not a device from FTDI who paid for that VID.
nothing is destroyed. NO hardware. NONE.
The clones are just de-badged by overwriting the wrongfully used FTDI owned VID/PID identification with 0.
NO hardware destroyed. Just de-badged.
if the guys producing the clones have to write their own driver and go thru the same verification process to get that seamless integration feeling of FTDI drivers then they will not be cheaper as FTDI is.
They are just stealing other peoples work without even being ashamed of it.
Like china in general is doing and this will bite us bad pretty soon.
Hmm, something that was working, no longer works, so that end user is going to have some trouble with your line here.
You see, this is not a simple electrons-vs-electrons battle, there are humans caught in the cross fire.
If FTDI imagine they have a carte blanche to cause collateral damage, then I and a great many others have a right to move them down a preferred supplier list.
No electrons are involved in my decision, but it will have its own collateral damage to FTDI's bottom line.
Somewhere in all of this, some humans will have to decide which 'collateral damage' is the worst.
Microsoft seem to have already made their decision, and it seems FTDI are rethinking theirs too...
That software was meant for real FTDI devices, not a cheap knock-off micro masquerading as one pf FTDI's and sold by thieves to greedy little people in the West. If the cheap fools used a real FTDI chip it wouldn't be a issue. Evidently it stung a lot of low rent hobbyists who been buying a bunch of cheap USB stuff off those dubious Chinese vendors on Ebay. Given how much screaming they are doing, it looks like FTDI hit a raw nerve with this bunch of cheapskates.
What did they expect from the knock off capitol of the world at bottom dollar prices? The real deal. Not for the prices they are selling at. So some got stung and go boo hoo because their Chinese sweatshop made $8 Arduino board isn't working anymore. Tough cookies you got pinched.
It's like buying a stolen car and the cops catch you and take your stolen car from you or going to Santee Alley in Los Angeles and buying a knock-off Rolex for $50.00 which then falls apart within weeks of use. You get what you pay for when you cheat.
The take home for this is: don't be a low rent type and expect that the sweat shop product you bought off Ebay is the real thing, especially when the real thing sells for a lot more here.
Do you actually think this stopped at "low rent hobbyists"? Even KenG himself said that he had to do a good bit of research and double checking to make sure that Parallax didn't have faked parts. It is naive to think that this is a simple cut and dried situation where some cheap Ebay theives/hobbyists got caught in the crossfire and are not whimpering about their $2.00 loss. This has the potential to endanger lives if these chips mistakenly found their way into the wrong equiptment.
Oldbitcollector (Jeff)
Posts: 8,091
Comments
I wonder if that was deliberate, or a side effect - as it seems very clumsy, and a sure way to aggravate customers.
[" We are also worried by potential FTDI's liability for causing intentional damage to products they do not own."]
This could elevate genuine FTDI parts to the 'chips best avoided' category, and there are alternatives from companies like Silabs.
It's not looking that way...
https://twitter.com/mikelectricstuf/status/524924141380861953
FTDI do not explicitly admit they deliberately damage user equipment, and impact user cash flows here, but it starts to look less accidental.
A loss of income lawsuit may soon sharpen their focus ?
Smarter would have been to quietly reduce performance and a message, and then some PR about inferiour clones...
That way, there is no 'drop dead' at some remote customer site, and they get a point across.
Wow, that's right up there with Sony's rootkit for a bone headed move.
I understand protecting IP and market, but it would be better to display a warning message the user has to dismiss than disable hardware that had been working. The user can then contact their hardware vendor for a replacement or firmware update.
It's a sure bet FTDI's legal counsel was not aware of this move, or they would have convinced management to use a different approach. If a counterfeit chip is used in a mission critical device, or especially a medical product such as a ventilator, and the product fails, FTDI will be pulled into the lawsuit. Guaranteed. Their action will be construed as malicious.
2. Agreed. I bet their action would be construed malicious.
3. Users affected will blame FTDI. They probably won't even know their chip is a fake, just that an FTDI branded chip failed.
What would happen in MS bricked your HDD because they found unlicensed software on your PC? There would be plenty inline to sue MS for malicious damage.
Obviously one is the user who is deprived of using their PC due to the probably malicious FTDI code, and the consequential damages.
Back in the early 90s MS was negotiation with a company to use their data compression in the upcoming MSDOS6 release. Negotiations stalled and MS decided to ship compression anyway. The company later sued MS for using its compression code. To do this, they needed to decode MS's software. This was/is illegal (as define by the court case).
The result was the company was awarded something like ~$110M and MS was awarded ~$15M for the company reverse engineering their code to prove MS violated their code.
No doubt this case has set a couple of precedents here!
Looking at the above case (and I am not a lawyer) I would think FTDI could claim ~$1-2 from the user for using a fake chip whereas the user could claim malicious damage and consequential loss. Consequential loss could potentially run into $Ms, less of course the ~$1-2.
Courts generally allow only the least intrusive remedy; beyond that the cure is more actionable. Apparently FTDI is banking on the implied consent of their intentionally malicious damage by the use of new wording in their EULA. I think they're in for an unpleasant surprise. Let's hope all the cloned chips are only used in hobby DIY boards, where it's mainly an inconvenience, and not any commercial products people trust in for their lives.
FTDI may have also irretrievably damaged their relationship with Microsoft as a trusted third-party driver supplier. Microsoft is unlikely to want to be a party to the automatic distribution of updates that have been engineered to intentionally cause permanent damage to their users systems, regardless of a EULA "permitting" it.
If people should sue anyone it's these vendors using these phony FTDI chips. These vendors know who they are and ought to owe up instead considering suing FTDI for their own collective, greed based bungling.
Look, why should FTDI be responsible to make sure a bunch of badly done knock-offs of their products should work with their software? Really guys. This is really, really twisted.
I see no problem with a driver refusing to install or work with a counterfeit chip, but to disable the device using that chip is going too far and probably illegal no matter whether it's in some EULA or not.
There is a serious reading and ethics comprehension issue with the hacking community. For some twisted reason most of you think that a semiconductor house like FTDI is responsible FOR ALL Chinese knock-off's of their IP irregardless how these thieves implement it.
They are not, they are responsible for THEIR products, not a illegal copy who pretend to be FTDI.
If a board stops working because of this, the customer should go to the vendor, tear them a new rear end for using junk and then demand their money back. Given the level of whining I bet more than a few board peddlers have their knickers in a twist over this.
Look, here's what reputable vendors do: They DON'T source parts through questionable sources. If a BOM says use a FTDI chip you go to Mouser, Digikey. Not through Alibaba or some sleazy Chinese firm. Remember what happened when Sparkfun tried that? They got burned big time and they deserved it.
I always wondered what it meant when an argument is started with "Look,...". Does that imply that it is more correct than those that don't?
Anyway. It has happened that reputable vendors sourcing stuff through reputable suppliers have been burned by fakes. Turns out the supply chains are so complex that the rogue guys can always find a way in.
The question here is: Does the new FTDI driver accidentally, just happen, to not work with clone chips? Because, after all FTDI cannot know what those clone chips do.
Or, does the new FTDI driver deliberately brick my machine because I somehow have a fake chip?
The former is acceptable. The latter is not.
If they would have just identified the counterfeit chip and as a result pop up a warning and refuse to let the driver work with the fake that would accomplish the same thing. Effectively disable the use of that device and inform the user that they are not using a real FTDI chip. However, they decided to try and take a step further to "BRICK" the offending device. That crosses a line that will and should cause some backlash against FTDI. Instead of gathering sympathy and support they have ****** off a LOT of people with their methods and in the end it will probably damage the FTDI reputation. It has in my eyes. That is sad since I do think they made the best USB to Serial adatper chips but if this is the kind of stunt they will pull then I will look for alternatives myself. The way they did it really punishes the users who may have thought they had a real FTDI chip. Really, a warning would have been the correct response.
I guess the Arduino board designers did well when they decided to drop FTDI and just use a different USB chip on their boards. Those won't be affected by this poorly thought out update by FTDI.
Bad FTDI Bad....
FTDI is trying to make the end user responsible for the whole supply chain. Why would any company believe this is a good idea or even possible? And bricking a device during a driver install is either totally inept programming or a purely malicious action. I know what I think it is.
with an intent to also brick the fakes they are in trouble. Thanks Parallax. All of my stuff is ok.
I don't think I have a board with a cloned FTDI chip, but that's not the point. Seeing what was a respected company face the possibility of crash and burn gives no joy. It's a shake-your-head day, for sure. Why would someone risk trashing their business in this way?
The real truism of life is you can't escape death, taxes, and lawyers. Dart forgot the last one.
Microsoft has been playing fast and loose with Windows updates, so I'm happy to pull them in as part of the fault for this. Just when was "Bing Bar" considered a Windows Update?
Make your driver fail to work with the clones. Rendering a piece of hardware I own useless is crossing the line...
You take your car to the dealership and they discover that you've put aftermarket brake pads on, so while they are sevicing your car, they disable the brake system....
Send in the clowns... eh.. lawyers...
You rather miss the point.
FTDI should offer no warranty on others USB parts, but neither should FTDI intentionally/maliciously damage goods a customer may have purchased in good faith.
A USB driver is a passive software layer, software that morphs into a hunt and destroy device re-programmer, is no longer 'a USB driver'.
There is no warning, no recovery path offered, just *BANG* - and it seems even there, no explanation that they just rendered your wigit inoperable on any PC.
Seriously annoyed customers will be motivated enough to give money to lawyers over this.
Their wording even seems to say this could damage non counterfeit devices ?!
We shifted from FTDI to SiLabs, mainly because SiLabs had a Dual UART version for similar price.
FTDI are still the main game in town for High Speed USB.
What "professional" products do you have that communicate to a Windows PC using a FTDI based serial port?
There must be at least some for all the hue and cry about the clones. If it were just the hobby market, that's an insignificant segment for the effort and risk. Easier to target the counterfeits at the customs level, and write C&Ds to some of the known infringers. All it takes is a few well publicized actions to get others in line.
I'd think most products would be microcontroller based, often custom design, possibly from both military and commercial vendors. That could mean anything from automotive analyzers, home care and hospice products, electronics bench tools (e.g. scopes and logic probes), testers used in aviation (private, commercial, and defense), custom alarm systems, programmable mobility devices, and so on. Sony probably wouldn't use one, but a defense contractor selling a product to the military might. As could specialized health care products sold to nursing homes, hospitals, and doctors. What might a home dialysis machine have in it for connecting to a PC? Who knows for sure, but if it's a cloned FTDI chip, someone is going to be in a world of hurt (to quote Jesse Ventura).
Depending on how and where their products were manufactured, not all of these makers would be in a position to know if their products contained non-genuine parts. USB is often treated as something of a dark science best left to others. That's why FTDI is even in business to begin with.
When this story broke I tried to find a list on FTDI's site of third-party products, and couldn't find one. That's understandable, as that list would only benefit their competitors.
In many other USB devices I haven't checked to see what kind or chipset they use. So any ones we don't know specifically will be safe can now not be used for fear of turning it into a brick. It could be fine but at this point anything that says FTDI on the chipset may be suspect and could be bricked.
I guess I can start plugging each device into my Raspberry Pi and then have it look up the chipset to see if it is non-FTDI then it would be safe to use. Otherwise it may be at risk.
I'd say that FTDI just trashed their own brand with this smooth move and just did a lot of damage to itself. It's a mess.
Any software purposely written to brick hardware is MALWARE and should be treated as such.
According to and update on this site It appears that Microsoft may have gotten wind of this and pulled the hostile driver.....
http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/
FTDI buys a VID/PID for the devices they produce. They produce a driver and pay MS to get it certified for Windows Update. They pay Apple some money to do the same. They even produce a driver for Linux and other OSes and spend time and money to get the drivers installed on standard distributions and loaded on demand..
All on their expenses. They do not do that because they are philanthropic, they do that to sell their hardware. To make it easy for users now not in need to install some driver.
I bet that FTDI is spending more money on driver development and license fees and certifications and whatever per year as any 3 of all of us earn together in the same year.
The new driver removes the VID/PID from the device after finding out it is not a device made by FTDI and using this VID/PID pair claiming it is. A VID paid for by FTDI just for the reason to identify their hardware.
That is the only reason that VID exists at all.
So what is the problem here?
People are claiming that the Volkswagen Bus with Mercedes Stars they bought is not really a Mercedes and the Mercedes Breaks don't fit? Or if they fit don't brake good enough?
Mercedes de-badgeing their Volkswagen?
FTDI is owning that VID and remove it from things not produced by them.
What is wrong with that?
They are not destroying any hardware. They just de-badge it. Ripping of the label stating it is a FTDI product. Because it is not.
Mike
Seems Microsoft have 'gotten things together here', and their legal risk/exposure take is not quite the same as yours ?
["Update: Microsoft has given us a statement:
Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update."]
well @jmg
what I think is right or wrong is my personal decision. It may or may not be coherent with law or what layers are able to do with law. It is just the way to think about stuff my parents implanted in my brain thru examples and education. Name it morals and values if you need a label for it.
So my post was in no way intended to be a legal advice at all.
Just my personal opinion about this.
I just think that FTDI has the right to do this by removing the VID/PID from the device because it is not a device from FTDI who paid for that VID.
nothing is destroyed. NO hardware. NONE.
The clones are just de-badged by overwriting the wrongfully used FTDI owned VID/PID identification with 0.
NO hardware destroyed. Just de-badged.
if the guys producing the clones have to write their own driver and go thru the same verification process to get that seamless integration feeling of FTDI drivers then they will not be cheaper as FTDI is.
They are just stealing other peoples work without even being ashamed of it.
Like china in general is doing and this will bite us bad pretty soon.
Legal? maybe.
Right?
Decide for yourself
Mike
However, your model ignores the collateral damage in this action, which is the final customer, who may most likely be an innocent party.
Hmm, something that was working, no longer works, so that end user is going to have some trouble with your line here.
You see, this is not a simple electrons-vs-electrons battle, there are humans caught in the cross fire.
If FTDI imagine they have a carte blanche to cause collateral damage, then I and a great many others have a right to move them down a preferred supplier list.
No electrons are involved in my decision, but it will have its own collateral damage to FTDI's bottom line.
Somewhere in all of this, some humans will have to decide which 'collateral damage' is the worst.
Microsoft seem to have already made their decision, and it seems FTDI are rethinking theirs too...
That software was meant for real FTDI devices, not a cheap knock-off micro masquerading as one pf FTDI's and sold by thieves to greedy little people in the West. If the cheap fools used a real FTDI chip it wouldn't be a issue. Evidently it stung a lot of low rent hobbyists who been buying a bunch of cheap USB stuff off those dubious Chinese vendors on Ebay. Given how much screaming they are doing, it looks like FTDI hit a raw nerve with this bunch of cheapskates.
What did they expect from the knock off capitol of the world at bottom dollar prices? The real deal. Not for the prices they are selling at. So some got stung and go boo hoo because their Chinese sweatshop made $8 Arduino board isn't working anymore. Tough cookies you got pinched.
It's like buying a stolen car and the cops catch you and take your stolen car from you or going to Santee Alley in Los Angeles and buying a knock-off Rolex for $50.00 which then falls apart within weeks of use. You get what you pay for when you cheat.
The take home for this is: don't be a low rent type and expect that the sweat shop product you bought off Ebay is the real thing, especially when the real thing sells for a lot more here.