Author Topic: FTDIgate 2.0?  (Read 211750 times)

0 Members and 1 Guest are viewing this topic.

Offline filssavi

  • Regular Contributor
  • *
  • Posts: 180
Re: FTDIgate 2.0?
« Reply #75 on: January 31, 2016, 06:12:43 am »
interferance, bad connection and stuff are things that can happen just out of bad luck, and no one can be blamed for that
No, it is not a bad luck. It is poor design or poor implementation.


so you can abslutely guarantee that in any case and under any circunstance the product you will design will not fail if subjected to any pattern of connection/disconnection/reconnection cycles due to a bad connection or to any interferance whatsoever whitout ever causing a problem to the circuit???

if so why are you here talking and not making billions upon billions selling guaranteed EMI/EMP immune gear to the military forces of the whole world

the fact is that designing a reasonably safe product is doable, designing a guaranteed safe commercial (well even in 1 off quantity where you can forget the process variation and you can chose precise components) product is impossible, there always will be the corner case where the product will fail, also guaranteeing
that the failure will lead to any damage is not doable either

in the folowing pdf you can see a vast range of examples of failures due to EMI in NASA and other mainly US military gear and vehicles, since you said so we must conclude that NASA and others cited in this article don't know how to design electronic equipment

http://www.cvel.clemson.edu/pdf/nasa-rp1374.pdf
 

Offline dannyf

  • Super Contributor
  • ***
  • Posts: 8230
  • Country: 00
Re: FTDIgate 2.0?
« Reply #76 on: January 31, 2016, 06:15:38 am »
"But they have no right to manipulate it either."

How do they "manipulate" it?

Again, for a group that often holds other people to the highest standard of morality, you collectively seem to have a very low bar for yourself.
================================
https://dannyelectronics.wordpress.com/
 

Offline RFZ

  • Regular Contributor
  • *
  • Posts: 50
  • Country: de
Re: FTDIgate 2.0?
« Reply #77 on: January 31, 2016, 06:22:31 am »
How do they "manipulate" it?

My Software is sending "YES" to my device and the FTDI driver converts it to "NON" being sent to my device.

What is it other than manipulation?
 

Offline zapta

  • Super Contributor
  • ***
  • Posts: 6009
  • Country: us
Re: FTDIgate 2.0?
« Reply #78 on: January 31, 2016, 06:23:34 am »
"But they have no right to manipulate it either."

How do they "manipulate" it?

By intentionally modifying the data sent to the device and not informing the end user about it.
Drain the swamp.
 

Offline filssavi

  • Regular Contributor
  • *
  • Posts: 180
Re: FTDIgate 2.0?
« Reply #79 on: January 31, 2016, 06:28:30 am »
"Except this time. Now a few thousand of your product are out there with fake FTDI chips, ..."

Why is that it is ftdis faulty that you have lax production control? Just because you cannot assure that the real thing is used in your products, some one else has to support it?

Does it sound reasonable to you?

so since is designer's/manifacturer's fault for not checking you can guarantee  and certify that you made shure each and every component you ever specified, active, passive or connector was genuine and that no product did not have any fake part whatsoever?

obviously just buying them on farnell/digikey doesn't count since it's pretty much established that in rare occasion (and not for their fault i'll say) they have sold fake parts (there is even a video where dave got burned from digikey)
 

Offline Refrigerator

  • Frequent Contributor
  • **
  • Posts: 709
  • Country: lt
Re: FTDIgate 2.0?
« Reply #80 on: January 31, 2016, 06:36:59 am »
Wait, does this new driver say "Marco" and expect "Polo" from the original and if it gets nothing it refuses to work ?
How long will it take for the chinese manufacturers to mimic the original ? From what i know the fake FTDI has a mask ROM so all the chinese have to do is to change the mask ?  :popcorn:
Just started a blog at http://brimmingideas.blogspot.com/ . Not much in it as of now but more is sure to come :)
 

Offline filssavi

  • Regular Contributor
  • *
  • Posts: 180
Re: FTDIgate 2.0?
« Reply #81 on: January 31, 2016, 06:53:31 am »
probably it'll be some kind of challenge and response mechanism (like ftdi driver send some random bits as challenge, FTDI chip, which is nothing else then a glorified special purpose microcontroller calculate a math function (most probably a hash of some sort) and then spits the answare back to the PC, so is a bit more complicated than just changing a couple of masks

that sais it's not that difficult to reverse engineer the function given enough time with enough math and silicon reverse engineering capabilities as you said i totally expect chinese to change slightly the design and make use of said driver...

DRM (to which this is related) has never, ever, ever worked, it might fend of random casual joe blog's kind of counterfeiters, but chineese industry is not that easy to fool...
 

Offline MT

  • Frequent Contributor
  • **
  • Posts: 650
  • Country: fo
Re: FTDIgate 2.0?
« Reply #82 on: January 31, 2016, 06:57:17 am »
Quote
if someone kills a man he will be prosecuted
So if you drive over someone with a car, is it you or the CEO of Fiat that should be charged?

CEO of FIAT! Because they make so lousy cars!

A Japanese who was killed by the atom bomb once sued US government for dropping it.
Court later found that the Japanese should have sued the guy in the plane who opened the bomb bay doors.
 

Online wraper

  • Supporter
  • ****
  • Posts: 7334
  • Country: lv
Re: FTDIgate 2.0?
« Reply #83 on: January 31, 2016, 07:05:22 am »
they have sold fake parts (there is even a video where dave got burned from digikey)
Most likely they were not fakes and Dave didn't say they are fakes. Most likely Digikey put a wrong part (5%) in the package as it wasn't a full reel.
« Last Edit: January 31, 2016, 07:07:37 am by wraper »
 

Offline 0xdeadbeef

  • Frequent Contributor
  • **
  • Posts: 996
  • Country: de
Re: FTDIgate 2.0?
« Reply #84 on: January 31, 2016, 07:05:40 am »
Wait, does this new driver say "Marco" and expect "Polo" from the original and if it gets nothing it refuses to work ?
How long will it take for the chinese manufacturers to mimic the original ? From what i know the fake FTDI has a mask ROM so all the chinese have to do is to change the mask ?  :popcorn:
There is no hint that this (not so) new driver uses a different approach than the older one from 2014 that bricked devices. The idea was (and probably still is) that the genuine chips accept only 32bit (2x16bit) EEPROM writes but some clones accept also single 16bit writes. So if the write succeeds, it's a fake. Or something like that.
Then again, even back then it was clear that only a part of the clones can be identified this way. I have dirt cheap FTDI based USB/UART interfaces from China with suspicious markings and a much too small and sharp pin 1 dent. Still they weren't and aren't identified as fakes.
Trying is the first step towards failure - Homer J. Simpson
 

Offline dannyf

  • Super Contributor
  • ***
  • Posts: 8230
  • Country: 00
Re: FTDIgate 2.0?
« Reply #85 on: January 31, 2016, 07:06:03 am »
"My Software is sending "YES" to my device and the FTDI driver converts it to "NON" being sent to my device."

Ftdi driver does that because forbthe real thing to transmit "yes" it has to receive a "no". But the counterfeit chip doesn't understand that.

That's still ftdis fault?

Sounds like you know who the fault guy is. You are just refusing to acknowledge it.
================================
https://dannyelectronics.wordpress.com/
 

Offline RFZ

  • Regular Contributor
  • *
  • Posts: 50
  • Country: de
Re: FTDIgate 2.0?
« Reply #86 on: January 31, 2016, 07:13:13 am »
"My Software is sending "YES" to my device and the FTDI driver converts it to "NON" being sent to my device."

Ftdi driver does that because forbthe real thing to transmit "yes" it has to receive a "no". But the counterfeit chip doesn't understand that.

That's still ftdis fault?

Sounds like you know who the fault guy is. You are just refusing to acknowledge it.

No, you got me completely wrong. As I confirmed in the second post in this thread, the FTDI driver makes a fake chip send "NON GENUINE DEVICE FOUND!" repeatedly for any character I try to send...

Sending "123" also gets converted to "NON" and "F*** OFF FTDI"  to "NON GENUINE " ...
 

Offline zapta

  • Super Contributor
  • ***
  • Posts: 6009
  • Country: us
Re: FTDIgate 2.0?
« Reply #87 on: January 31, 2016, 07:19:54 am »
"My Software is sending "YES" to my device and the FTDI driver converts it to "NON" being sent to my device."

Ftdi driver does that because forbthe real thing to transmit "yes" it has to receive a "no". But the counterfeit chip doesn't understand that.

Doesn't sound reasonable that the driver sends "NON GENUINE DEVICE FOUND!" to genuine chips. They intentionally manipulate the data the app sends.

If they would do it from day 1 it would be OK. Having a Windows update regressing working products is bad. Buying a FTDI based product is a long term risk.
Drain the swamp.
 

Offline pickle9000

  • Super Contributor
  • ***
  • Posts: 2132
  • Country: ca
Re: FTDIgate 2.0?
« Reply #88 on: January 31, 2016, 07:26:06 am »
I have a hard time understanding why there is such a pissy contest here: FTD is under no obligation to produce a driver that supports counterfeit parts. All you need to do is to make sure a) there is a driver for your counterfeit parts; or b) buy the real thing.

For a group that seems to denounce other people based on the slightest infringement of your moral high moral standard, you seem to have a very low moral standard for yourself.

I just don't have the time, using another part / solution is easier for me and my customers.
 

Offline Karel

  • Super Contributor
  • ***
  • Posts: 1198
  • Country: 00
Re: FTDIgate 2.0?
« Reply #89 on: January 31, 2016, 07:56:08 am »
Buying a FTDI based product is a long term risk.

Nope, no risk at all. Buying a fake chip is a risk.
I don't feel pitty for people who buy cheap chinese (clone) products and start whining when it stops working.


The difference between theory and practice is less in theory than
the difference between theory and practice in practice.
Expensive tools cannot compensate for lack of experience.
 

Offline dannyf

  • Super Contributor
  • ***
  • Posts: 8230
  • Country: 00
Re: FTDIgate 2.0?
« Reply #90 on: January 31, 2016, 08:02:25 am »
Quote
the FTDI driver makes a fake chip send "NON GENUINE DEVICE FOUND!"

What's wrong with that? their driver isn't designed to work with counterfeit chips and god knows what dire consequences they could be if the counterfeit mis-behaved.

At the heart of the issue is if you think ftdi is obligated to support counterfeit chips. If you think 'yes', you have a (legal) Everest to climb in court, and gazillion $$$ to make off of suing FTDI.
================================
https://dannyelectronics.wordpress.com/
 

Offline RFZ

  • Regular Contributor
  • *
  • Posts: 50
  • Country: de
Re: FTDIgate 2.0?
« Reply #91 on: January 31, 2016, 08:07:20 am »
Quote
the FTDI driver makes a fake chip send "NON GENUINE DEVICE FOUND!"

What's wrong with that? their driver isn't designed to work with counterfeit chips and god knows what dire consequences they could be if the counterfeit mis-behaved.

At the heart of the issue is if you think ftdi is obligated to support counterfeit chips. If you think 'yes', you have a (legal) Everest to climb in court, and gazillion $$$ to make off of suing FTDI.
Once again (and for the last time), just not supporting a fake chip is fine, making it send manipulated wrong and potentially harmful data is not.
 

Offline dannyf

  • Super Contributor
  • ***
  • Posts: 8230
  • Country: 00
Re: FTDIgate 2.0?
« Reply #92 on: January 31, 2016, 08:25:24 am »
Quote
making it send manipulated wrong and potentially harmful data is not.

why? To borrow, "what difference does it make?"

When you are actually damaged from such wrong data, you may have a standing to sue. Until then, you are out of luck.
================================
https://dannyelectronics.wordpress.com/
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 9366
  • Country: cn
  • Power Electronics Guy
Re: FTDIgate 2.0?
« Reply #93 on: January 31, 2016, 08:34:07 am »
The safest way to avoid fake parts in your product is not to buy jelly bean parts.

Every time I need a chip, I will search mfgs' website and find the most appropriate one, not the most commonly used one.

If a chip is neither ridiculously expensive (i.e. LTZ1000A) nor used in massive quantity (i.e. FT232), no one will clone it.

So far, I never encountered a single fake CP2104. I heard of some very rare fake CP2102, but the smaller packaged CP2104 is still fine. Also, the cheap price of CP210x makes it not favorable to buy fake chips, so no market, no producer.
SIGSEGV is inevitable if you try to talk more than you know. If I say gibberish, keep in mind that my license plate is SIGSEGV.
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 6314
Re: FTDIgate 2.0?
« Reply #94 on: January 31, 2016, 08:36:07 am »
FTDI could have just written a driver which randomly drops approximately one byte in N if a non-genuine chip is detected.  Start off with N fairly high and decrease it towards 1 in 1000 over time.   Result: fakes and clones get a reputation for being flaky.

If they'd done that originally, FTDIgate would never have happened and they'd still have a reputation as a premium brand for USB connectivity, instead of driving many smart developers to consider alternative chips.
 

Offline dannyf

  • Super Contributor
  • ***
  • Posts: 8230
  • Country: 00
Re: FTDIgate 2.0?
« Reply #95 on: January 31, 2016, 08:38:58 am »
Quote
The safest way to avoid fake parts in your product is not to buy jelly bean parts.

I think if you avoid ebay and Chinese parts, you have eliminated 99% of the chance of getting con'd.

Cheap parts are expensive in the end, as the old saying would have it.
================================
https://dannyelectronics.wordpress.com/
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 9366
  • Country: cn
  • Power Electronics Guy
Re: FTDIgate 2.0?
« Reply #96 on: January 31, 2016, 08:42:13 am »
I think if you avoid ebay and Chinese parts, you have eliminated 99% of the chance of getting con'd.

Cheap parts are expensive in the end, as the old saying would have it.

I meant for a company. You never know who in your entire supply chain will screw it up.

BTW, I did buy parts from Taobao when I was in China or from AliExpress now, but I do not get fake parts often (~1/20 chance).

Do not look at ludicrously cheap parts, and do not get parts that are labeled "fake" in description, and do not buy jelly bean parts.
SIGSEGV is inevitable if you try to talk more than you know. If I say gibberish, keep in mind that my license plate is SIGSEGV.
 

Offline RFZ

  • Regular Contributor
  • *
  • Posts: 50
  • Country: de
Re: FTDIgate 2.0?
« Reply #97 on: January 31, 2016, 08:44:37 am »
FTDI could have just written a driver which randomly drops approximately one byte in N if a non-genuine chip is detected.  Start off with N fairly high and decrease it towards 1 in 1000 over time.   Result: fakes and clones get a reputation for being flaky.

If they'd done that originally, FTDIgate would never have happened and they'd still have a reputation as a premium brand for USB connectivity, instead of driving many smart developers to consider alternative chips.

Yeah right, great idea  |O ... Intentionally manipulating computer data / systems can be considered crime, regardless if the device is yours or fake.

Once again. Just imagine Microsoft would randomly delete some bytes of the files you create on PCs with a non genuine licence...
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 9366
  • Country: cn
  • Power Electronics Guy
Re: FTDIgate 2.0?
« Reply #98 on: January 31, 2016, 08:48:57 am »
People will be very happy if it does not dump garbage through serial port. Just refuse to work at all and generate a message box saying your device is fake.

BTW, if it keeps screwing victims up, there will eventually be an open source driver to replace it.

People did not development this just because there was no need. But since it has OSS linux driver, replicating its windows version won't be hard at all.
SIGSEGV is inevitable if you try to talk more than you know. If I say gibberish, keep in mind that my license plate is SIGSEGV.
 

Online rs20

  • Super Contributor
  • ***
  • Posts: 2007
  • Country: au
Re: FTDIgate 2.0?
« Reply #99 on: January 31, 2016, 08:55:03 am »
You know, we can debate the legality (yes), morality (no) and stupidity (yes) of FTDI's decision all we want; but it's all irrelevant because these are the death throes of a company rendered obsolete by the availability of US$0.62 MCUs with USB built in... It's not as if Windows doesn't have a CDC class driver built in that can be referred to by a simple text INF file. The driver in question doesn't care who made the chip! It hasn't been seen to corrupt customer data, not even once!

This company used to be based on a real need; now it's staying afloat due to sheer laziness of designers who would rather spend dollars and board space on a problem that can now be solved with a #include. I used to be one of those designers until the first "FTDIgate", it was just the wake-up call I needed because now my designs are smaller and cheaper! Thanks FTDI!  :D
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf