Author Topic: FTDIgate 2.0?  (Read 382303 times)

0 Members and 3 Guests are viewing this topic.

Offline Karel

  • Super Contributor
  • ***
  • Posts: 2214
  • Country: 00
Re: FTDIgate 2.0?
« Reply #325 on: February 03, 2016, 07:38:57 am »
FTDI could easily kill the clones by selling at a lower or equal cost.

How do you know that? Are you friends with the bookkeepers of FTDI?
Can you share your inside information?
 

Offline Karel

  • Super Contributor
  • ***
  • Posts: 2214
  • Country: 00
Re: FTDIgate 2.0?
« Reply #326 on: February 03, 2016, 07:41:27 am »
Why in the world do people let Windows update device drivers in the first place?

Why in the world do people use Windows in the first place?
 

Offline Boomerang

  • Regular Contributor
  • *
  • Posts: 52
Re: FTDIgate 2.0?
« Reply #327 on: February 03, 2016, 07:47:29 am »
I ran a quick 24hr vote on Twitter. This was the result:



My choice (if available) would be "do nothing - just don't work with the chip"
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26751
  • Country: nl
    • NCT Developments
Re: FTDIgate 2.0?
« Reply #328 on: February 03, 2016, 09:12:04 am »
My question will be, why would a company develop a product that uses the manufacturer's default VID and PID, knowing that any program that can talk to a COM port could cause damage or be dangerous?

Nah, those products are done by cheap and hobby level products and won't invest in making sure their device is bullet proof.

Regardless of FTDI or whatever other chip is used.
If the product uses the FTDI chip, it is the simplest way to use the manufacturers VID and PID, because otherwise you would have to provide an INF file (which needs to be signed for newer Windows versions), which would simply reference the ftdibus.sys driver anyway. As I've tested, the standard Microsoft usbser.sys doesn't work with the FTDI chips.

I think there is nothing wrong with protecting the IP. I really like the functionality of the FTDI chips, especially the modern versions, like the FT2232H, which you can use as a JTAG programmer as well (supported out of the box by the Lattice FPGA programmer).
Every USB-UART bridge has I/O pins so that JTAG programmer functionality can be implement by any of those. It is not an FTDI specific function.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline westfw

  • Super Contributor
  • ***
  • Posts: 4195
  • Country: us
Re: FTDIgate 2.0?
« Reply #329 on: February 03, 2016, 10:02:54 am »
Just as an aside, I hope that people are feeling really warm and fuzzy about the fact that all these devices with counterfeit FTDI chips are being SO well tested (not!) with the latest FTDI drivers on several operating systems, before they get shipped to you.   AFAIK, the "latest FTDI driver" has not supported counterfeits since FTDIGate 1, about a year ago (windows just stopped pushing the latest to your PCs...), so I think that old stock should be mostly gone.   Vendors have known about the problem, but they apparently haven't done anything about cleaning up their supply chain OR testing their devices.
(If you're buying one of those hypothetical safety-critical products, I hope that EVERY unit shipped gets enough testing to detect this sort of issue!)
 

Offline all_repair

  • Frequent Contributor
  • **
  • Posts: 716
Re: FTDIgate 2.0?
« Reply #330 on: February 03, 2016, 10:09:32 am »
It is a Moore's law industry, FDTI has actually milked out much more than what a typical company involved in this industry could have done.  To expect to have the same or more shall be wishful thinking.  They are not fighting the compatible, they are fighting Moore's law.  The most valuable thing FDTI had was probably their brand, and if they had been studying IBM and wanted to extract the most value out.  It was to sold their brand away to the lower cost manufacturer when their brand was golden.  But it is too late now after their move of killing compatible chips.  Their chips are finally used by people like me down in the chain, buying for installations and deployment.  It is a lost cause now to me.  I used to spec ONLY FDTI to banning FDTI.  No point thinking about stopping the compatible now, because the whole FDTI well is poisoned.  If I was part of the team, I would want to move all new businesses to another company and show no trace of FDTI association.  Do the protection ahead and not later.  When FDTI is actively poisoning their own well, likely they must have judged there are not much left inside for them.   So Poison it, screw everyone.
 

Offline miguelvp

  • Super Contributor
  • ***
  • Posts: 5550
  • Country: us
Re: FTDIgate 2.0?
« Reply #331 on: February 03, 2016, 10:10:05 am »
Also it should be mentioned that FTDI is not a big corporate company, they are quite small and work (as in overwork their employees) hard to gain a measly $10M or so annually.  Edit: for the whole company not for each individual.

So buying fakes is just adding more working hours for those overworked employees. So go ahead and boycott them so their under 200 employees have to find some other way to earn a living.

 :palm:

Edit: I'll repeat, buy the fake Art Of Electronics 3rd Edition, or make the authors bring the price down to be the same as the counterfeit copies. :palm: :palm:

Yeah like all_repair says, screw everyone!
« Last Edit: February 03, 2016, 10:25:51 am by miguelvp »
 

Offline westfw

  • Super Contributor
  • ***
  • Posts: 4195
  • Country: us
Re: FTDIgate 2.0?
« Reply #332 on: February 03, 2016, 10:29:37 am »
Quote
- Sell cheaper (that's really overdue...)
- upgrade your products, and make your customer like the non compatible new features
You mean, like the new FT230/FT231 products.  Smaller, cheaper, additional features...

Quote
- get to new markets when your product line is dying off
The the VNC2 dual USB-host chips and the EVE display driver?

Quote
in case of FTDI, stop being a malware company
They seem to have TRIED to be a "better driver company", offering a driver that worked better and on more platforms than most of their competitors.  (I remember getting a bad feeling when we were looking at another vendor's USB chips, but they ONLY had windows drivers...)  But that was part of what got them noticed by the counterfeiters, probably.
AFAIK, FTDI drivers/chips still have features that aren't available on many alternatives, or not as easily.   (although that "not as easily" may be irrelevant.  Sure, it's theoretically easier to update the EEPROM fields in an FT232 to customize it for your product, compared to having to do a new firmware image for a dedicated microcontroller.  But not THAT much easier...)
 

Offline miguelvp

  • Super Contributor
  • ***
  • Posts: 5550
  • Country: us
Re: FTDIgate 2.0?
« Reply #333 on: February 03, 2016, 10:38:09 am »
I can picture this:

Yeah, you are all awesome and have achieved in our little Glasgow company what other bigger companies couldn't do. I would love to cut your working hours of 12 hours a day for little compensation and give you all bonuses for all your hard work, but the community is in favor of us cutting the price to compete with companies making clones of our devices, so no bonuses, no raises and I'm sorry to say you have to work 14 hours a day and 8 hours on weekends.

But it's not all a lost, we can all go soak our sorrows at the pub, that is if we can get out of work before last call.
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26751
  • Country: nl
    • NCT Developments
Re: FTDIgate 2.0?
« Reply #334 on: February 03, 2016, 12:11:26 pm »
Also it should be mentioned that FTDI is not a big corporate company, they are quite small and work (as in overwork their employees) hard to gain a measly $10M or so annually.  Edit: for the whole company not for each individual.

So buying fakes is just adding more working hours for those overworked employees. So go ahead and boycott them so their under 200 employees have to find some other way to earn a living.
Being poor doesn't make it right to damage property belonging to others or corrupt data on purpose with potentially severe consequences! As others noted: it is easy to make the driver not load with a device which the driver thinks is fake. If FTDI goes out of business it is good riddance; that is the way the free market deals with companies which don't innovate to reduce the cost of their products. If you look at the comparison between real and fake you'll notice the fakes are produced on a much more modern process than the real chips! If FTDI cared to do a die shrink they could make their devices much cheaper and lower power so cloning them is much less lucrative. BTW: if the employees at FTDI work for more hours than they get paid for they are utterly stupid.
« Last Edit: February 03, 2016, 12:16:09 pm by nctnico »
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline StuUK

  • Frequent Contributor
  • **
  • Posts: 390
  • Country: gb
Re: FTDIgate 2.0?
« Reply #335 on: February 03, 2016, 12:27:42 pm »
Also it should be mentioned that FTDI is not a big corporate company, they are quite small and work (as in overwork their employees) hard to gain a measly $10M or so annually.  Edit: for the whole company not for each individual.

So buying fakes is just adding more working hours for those overworked employees. So go ahead and boycott them so their under 200 employees have to find some other way to earn a living.
Being poor doesn't make it right to damage property belonging to others or corrupt data on purpose with potentially severe consequences! As others noted: it is easy to make the driver not load with a device which the driver thinks is fake. If FTDI goes out of business it is good riddance;

Bit harsh, these are peoples jobs, it more likely the management you should be targeting....

Quote
that is the way the free market deals with companies which don't innovate to reduce the cost of their products. If you look at the comparison between real and fake you'll notice the fakes are produced on a much more modern process than the real chips!

Fair but where are those being produced?

Quote
If FTDI cared to do a die shrink they could make their devices much cheaper and lower power so cloning them is much less lucrative.

Couldn't disagree.

Quote
BTW: if the employees at FTDI work for more hours than they get paid for they are utterly stupid.

Calling employees stupid because they work long hours is totally disingenuous, they likely work long hours either because 1) They care about what they do or 2) because they have little choice or 3) a combination of both 1 and 2. The idea they do it because they are stupid is highly unlikely!
 

Offline amyk

  • Super Contributor
  • ***
  • Posts: 8240
Re: FTDIgate 2.0?
« Reply #336 on: February 03, 2016, 12:31:41 pm »
Also it should be mentioned that FTDI is not a big corporate company, they are quite small and work (as in overwork their employees) hard to gain a measly $10M or so annually.  Edit: for the whole company not for each individual.

So buying fakes is just adding more working hours for those overworked employees. So go ahead and boycott them so their under 200 employees have to find some other way to earn a living.
Their ICs are nothing special anymore. It's like TI going after everyone who clones the 7400...
 

Offline janekm

  • Supporter
  • ****
  • Posts: 515
  • Country: gb
Re: FTDIgate 2.0?
« Reply #337 on: February 03, 2016, 01:09:26 pm »
As a developer, I love this. I always buy important ICs from reputable vendors, and on top of that now I can even properly test them for fakes.
(I also could with the previous ftdi driver that erased PID, but this is easier now.)

Also, whenever I can I've been using ft230x/ft231x in new designs instead of the common ft232r because of the price.

Really? You do realise that the next version of fake chips will be able to pass whatever check FTDI are doing in this version, and then at some random time in the future your product might fail because you depended on that oh so reassuring test...

And one day you may be building some devices on a deadline, and you find out that the FTDI chip is the only one on your BOM that only has stock with distributors on the other side of an anal-retentive customs border. And you have 4 days until CNY. You'll be singing a different tune.

BTW here's one example of a distributor that would have carried FTDI chips but now carry alternatives instead because FTDI won't sell to them: https://www.schukat.com/schukat/schukat_cms_en.nsf/previewindex/CMS2BC96E5EAB296935C1257E0000455669?OpenDocument&refDoc=CMS5AA927DF5F442B33C1256D4F005B1771

And Schukat are a long-established, "name-brand" distributor...

Like I said, FTDI seem to do everything they can to drive themselves out of business here. Businesses building million-unit quantities of their designs weren't using FTDI chips anyway (too expensive and easy to design around), with the exception of Arduino until recently.
 

Offline nctnico

  • Super Contributor
  • ***
  • Posts: 26751
  • Country: nl
    • NCT Developments
Re: FTDIgate 2.0?
« Reply #338 on: February 03, 2016, 01:27:29 pm »
BTW: if the employees at FTDI work for more hours than they get paid for they are utterly stupid.
Calling employees stupid because they work long hours is totally disingenuous, they likely work long hours either because 1) They care about what they do or 2) because they have little choice or 3) a combination of both 1 and 2. The idea they do it because they are stupid is highly unlikely!
I strongly prefer people who care about what they do but they should do it so they ultimately get something in return! When working over hours for your employer you should get paid or gain useful experience. Otherwise you are just working so your manager (or his/her bosses) get a bigger bonus. If you are a good engineer you can always get another job.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Online madires

  • Super Contributor
  • ***
  • Posts: 7693
  • Country: de
  • A qualified hobbyist ;)
Re: FTDIgate 2.0?
« Reply #339 on: February 03, 2016, 01:43:41 pm »
Their ICs are nothing special anymore. It's like TI going after everyone who clones the 7400...

That's a nice comparison! FTDI has the right to enforce their IP rights, but taking the end customer hostage might be not the best idea. It backfires and could hurt FTDI more than the clones. I think FTDI's management tries to keep their old business strategy working while ignoring the market. It's very similar to the media industry (movies/music). They should innovate and lower the price. The high price is the reason for clones. Cheap chips = less profit per chip, but compensated by more chips sold = no market for clones
 

Offline Karel

  • Super Contributor
  • ***
  • Posts: 2214
  • Country: 00
Re: FTDIgate 2.0?
« Reply #340 on: February 03, 2016, 01:56:45 pm »
Their ICs are nothing special anymore. It's like TI going after everyone who clones the 7400...

Your comparison couldn't be more wrong.
People who "clone" the 7400 don't print the name Texas Instruments on their packages and they certainly don't use a "Texas Instruments driver".
Clones are fine if it's not counterfeit and when they don't use other companies USB VID code in order to avoid the investment of writing their own driver.

 

Offline all_repair

  • Frequent Contributor
  • **
  • Posts: 716
Re: FTDIgate 2.0?
« Reply #341 on: February 03, 2016, 02:04:38 pm »
So buying fakes is just adding more working hours for those overworked employees. So go ahead and boycott them so their under 200 employees have to find some other way to earn a living.
Yah, no fun to loose a living. 
In a stroke of 2 mis-steps, the FDTI has managed to change the perception of their company completely, and damaged their brand totally.  My past FDTI deployments have become ticking time bombs to me.  Can they survive the next FDTI update? and what new compatibles are FDTI going to find? and what new intrusive measures are they going to introduce?  I paid good money for FDTI cables but I can never be sure what did I get.  If I got unlucky and got hit, and my client knew they were "not genuine", then my brand and reputation shall go down the drain with the FDTI.
BTW in some installations, having the latest updates is a regulatory requirement here.
« Last Edit: February 03, 2016, 02:14:35 pm by all_repair »
 

Offline StuUK

  • Frequent Contributor
  • **
  • Posts: 390
  • Country: gb
Re: FTDIgate 2.0?
« Reply #342 on: February 03, 2016, 02:23:59 pm »
BTW: if the employees at FTDI work for more hours than they get paid for they are utterly stupid.
Calling employees stupid because they work long hours is totally disingenuous, they likely work long hours either because 1) They care about what they do or 2) because they have little choice or 3) a combination of both 1 and 2. The idea they do it because they are stupid is highly unlikely!
I strongly prefer people who care about what they do but they should do it so they ultimately get something in return! When working over hours for your employer you should get paid or gain useful experience. Otherwise you are just working so your manager (or his/her bosses) get a bigger bonus. If you are a good engineer you can always get another job.

That's as maybe but equally prevailing localised market conditions will determine people's options on alternative employers irrespective of whether they are the greatest or not. Can't imagine there are that many alternative opportunities in Glasgow in that particular field....
 

Offline FrankBuss

  • Supporter
  • ****
  • Posts: 2365
  • Country: de
    • Frank Buss
Re: FTDIgate 2.0?
« Reply #343 on: February 03, 2016, 02:44:43 pm »
BTW, regarding the quality of their IP: I just tested the SPI mode of the FT2232H with their sample application for the D2XX driver and the SPI_ReadWrite function (with SPI_TRANSFER_OPTIONS_CHIPSELECT_ENABLE and SPI_TRANSFER_OPTIONS_CHIPSELECT_DISABLE, the only modification I made is to transfer 2 bytes). This is how it looks like:

:palm:
So Long, and Thanks for All the Fish
Electronics, hiking, retro-computing, electronic music etc.: https://www.youtube.com/c/FrankBussProgrammer
 

Offline AlxDroidDev

  • Frequent Contributor
  • **
  • Posts: 471
  • Country: br
    • Arduino Web Brasil
Re: FTDIgate 2.0?
« Reply #344 on: February 03, 2016, 03:05:01 pm »
(...)  taking the end customer hostage might be not the best idea. It backfires and could hurt FTDI more than the clones.

Proof of that is several pages of this topic and all the other topics where we bash FTDI. Nobody is bashing Prolific, and they too have had their PL2303 counterfeited and have placed measures to prevent fakes from working with their drivers.

What I don't get is why people are so dead set on using the FT232 chips. The MCP2221 is less expensive, have a broad package options, does the same thing and still have the benefit of a couple GPIO and I2C.
« Last Edit: February 03, 2016, 04:59:24 pm by AlxDroidDev »
"The nice thing about standards is that you have so many to choose from." (Andrew S. Tanenbaum)
 

Offline suicidaleggroll

  • Super Contributor
  • ***
  • Posts: 1453
  • Country: us
Re: FTDIgate 2.0?
« Reply #345 on: February 03, 2016, 03:36:50 pm »
My past FDTI deployments have become ticking time bombs to me.  Can they survive the next FDTI update? and what new compatibles are FDTI going to find? and what new intrusive measures are they going to introduce?  I paid good money for FDTI cables but I can never be sure what did I get.  If I got unlucky and got hit, and my client knew they were "not genuine", then my brand and reputation shall go down the drain with the FDTI.

Don't you see?  If those devices used counterfeit chips, then they were ALREADY ticking time bombs.  You were screwed from the moment the distributor threw a reel of counterfeit chips in a box and slapped a label with your address on it (or your build house's address, or the build house who assembled the product you bought).  It doesn't matter what FTDI does or doesn't do, those devices are already ticking time bombs because they use POS counterfeit chips with unknown specs, zero R&D, and zero QC.

Why are you not as concerned with other counterfeit chips making their way into your product?  What about a counterfeit linear regulator with specs so far out of wack that the output ripple ends up destroying half the devices down the line?  Or shorts Vin to Vout as soon as the ambient temp passes 30 C, blowing up everything on the board?

Personally, I'd much rather the driver tell me what's wrong, than spend weeks/months hunting down an interface that randomly corrupts bytes or drops packets whenever the humidity is above 80% on a Thursday.

FTDI has to put something in their driver to stop communication and tell you what's wrong.  Not doing so would just be sweeping the problem under the rug, ruining their reputation, manufacturers' reputations, and allowing the problem to get even worse.

Now WHAT they do is certainly up for debate.  For ME and MY APPLICATIONS, it makes absolutely no difference if they simply won't talk to the chip, brick the chip, or change the output of the chip to read "NOT GENUINE".  No matter what they choose, the device is going back to the manufacturer (or if this is my device, it's going back to the build house, or if I built it myself, I'm getting on the phone immediately with Digikey/Mouser).  It really doesn't make a difference.
« Last Edit: February 03, 2016, 03:39:17 pm by suicidaleggroll »
 

Offline all_repair

  • Frequent Contributor
  • **
  • Posts: 716
Re: FTDIgate 2.0?
« Reply #346 on: February 03, 2016, 03:52:11 pm »
My past FDTI deployments have become ticking time bombs to me.  Can they survive the next FDTI update? and what new compatibles are FDTI going to find? and what new intrusive measures are they going to introduce?  I paid good money for FDTI cables but I can never be sure what did I get.  If I got unlucky and got hit, and my client knew they were "not genuine", then my brand and reputation shall go down the drain with the FDTI.

Don't you see?  If those devices used counterfeit chips, then they were ALREADY ticking time bombs.  You were screwed from the moment the distributor threw a reel of counterfeit chips in a box and slapped a label with your address on it (or your build house's address, or the build house who assembled the product you bought).  It doesn't matter what FTDI does or doesn't do, those devices are already ticking time bombs because they use POS counterfeit chips with unknown specs, zero R&D, and zero QC.

Why are you not as concerned with other counterfeit chips making their way into your product?  What about a counterfeit linear regulator with specs so far out of wack that the output ripple ends up destroying half the devices down the line?  Or shorts Vin to Vout as soon as the ambient temp passes 30 C, blowing up everything on the board?

Personally, I'd much rather the driver tell me what's wrong, than spend weeks/months hunting down an interface that randomly corrupts bytes or drops packets whenever the humidity is above 80% on a Thursday.

FTDI has to put something in their driver to stop communication and tell you what's wrong.  Not doing so would just be sweeping the problem under the rug, ruining their reputation, manufacturers' reputations, and allowing the problem to get even worse.

Now WHAT they do is certainly up for debate.  For ME and MY APPLICATIONS, it makes absolutely no difference if they simply won't talk to the chip, brick the chip, or change the output of the chip to read "NOT GENUINE".  No matter what they choose, the device is going back to the manufacturer (or if this is my device, it's going back to the build house, or if I built it myself, I'm getting on the phone immediately with Digikey/Mouser).  It really doesn't make a difference.
I am not going to feed you.  If you are serious then what I can say is please get some real exposure from the industries. 
 

Offline MT

  • Super Contributor
  • ***
  • Posts: 1616
  • Country: aq
Re: FTDIgate 2.0?
« Reply #347 on: February 03, 2016, 04:16:43 pm »
I haven't seen anyone suggest a viable alternative to fight clones.

"NON GENUINE FTDI DEVICE FOUND!" PC will self destruct in 50..49..48...47..etc countdown seconds!
 

Offline MT

  • Super Contributor
  • ***
  • Posts: 1616
  • Country: aq
Re: FTDIgate 2.0?
« Reply #348 on: February 03, 2016, 04:20:13 pm »
BTW, regarding the quality of their IP: I just tested the SPI mode of the FT2232H with their sample application for the D2XX driver and the SPI_ReadWrite function (with SPI_TRANSFER_OPTIONS_CHIPSELECT_ENABLE and SPI_TRANSFER_OPTIONS_CHIPSELECT_DISABLE, the only modification I made is to transfer 2 bytes). This is how it looks like:

:palm:

"GENUINE FTDI DEVICE FOUND" CONGRATS" PC will self destruct in 50..49..48..47 etc countdown seconds!
 

Offline Sal Ammoniac

  • Super Contributor
  • ***
  • Posts: 1662
  • Country: us
Re: FTDIgate 2.0?
« Reply #349 on: February 03, 2016, 04:59:29 pm »
Why in the world do people use Windows in the first place?

Because it works? Because I've had fewer blue screens in the last few years than I've had kernel panics on Linux? Because a lot of good software (like Photoshop) only runs on Windows and I won't accept poor substitutes (like the Gimp)?
Complexity is the number-one enemy of high-quality code.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf