FTDI driver kills fake FTDI FT232??

[krater]

In case anyone was still wondering if this is intentional and malicious...



Straight out of their driver. Function/variable naming and comments mine.

Edit: Ooooh this is cleverer than I thought. So what's going on is that on real FT232RLs, the EEPROM is written in 32-bit units: writes to even addresses are buffered, and writes to odd addresses write 32 bits at once: the buffered 16 bits, and the supplied 16 bits. So, on a real FT232RL, this code does nothing; it just buffers 16 bits then buffers another 16 bits and no writes are issued. On a clone FT232RL, this writes the PID to 0 (breaking the checksum) and writes not the checksum, but the value required to make the existing checksum match to address 62. In combination, these two writes make the checksum at address 63 valid again (without modifying it). I've updated the image above with the new analysis.

Thanks for your reverse engineering.


I think all other things are sayd. I would wonder if no one of the poeple that posts here for FTDI is payd.

[sacherjj]

Parody patch sent for linux kernel. 

https://lkml.org/lkml/2014/10/23/129

[crenn6977]

Parody patch sent for linux kernel. 

https://lkml.org/lkml/2014/10/23/129

You sure that's a parody? Also, damn you beat me to posting that link.

[krater]

Parody patch sent for linux kernel. 

https://lkml.org/lkml/2014/10/23/129

*ROFL*

[wraper]

Their only defense was that they're exploiting a side-effect of running some code on the counterfeit device, but that stopped being effective as an excuse the moment they acknowledged they are aware their drivers are actively bricking third party devices.

Technically why should they bother in that case. It works perfectly on the target device. If the poorly cloned counterfeit device which is illegal to sell cannot bear normal operation of the driver, why should they bother at all. Manufacturer is not supposed to modify drivers because of the counterfeit device exists. Moreover rolling back to the older driver if you know that it is a fake, is also breaking of the older driver licence agreement. So technically what is a difference between bricking the device and make user to know that it is a fake as it becomes illegal to use the counterfeit device since the moment user becomes aware of it being fake?

[krater]

Their only defense was that they're exploiting a side-effect of running some code on the counterfeit device, but that stopped being effective as an excuse the moment they acknowledged they are aware their drivers are actively bricking third party devices.

Technically why should they bother in that case. It works perfectly on the target device. If the poorly cloned counterfeit device which is illegal to sell cannot bear normal operation of the driver, why should they bother at all. Manufacturer is not supposed to modify drivers because of the counterfeit device exists. Moreover rolling back to the older driver if you know that it is a fake, is also breaking of the older driver licence agreement. So technically what is a difference between bricking the device and make user to know that it is a fake as it becomes illegal to use the counterfeit device since the moment user becomes aware of it being fake?

Why ? Because they are now in a war that they can't win. Chinese manufacturers will follow and then they can update their drivers again. And so on.....

AND:It's NOT illegal to sell the chip. Maybee some of the chips are wrapped with epoxid and tagged as ftdi, but you're sure all destroyed chips are so? how can the driver test this ? Its illegal to destroy chips with this insufficient test!

It will not be more true if you post this wrong fact in every of your messages.

Edit:And if the war runs long enough, chinese cloners have perfect rebuilds that works like the original with no chance to test for the driver.

[wraper]

AND:It's NOT illegal to sell the chip.

Yes it is. As it is illegal to even send it abroad tor return back to the seller as any other counterfeit.

[bookaboo]

Agreed.

I'm still wondering just how big of a problem this is for FTDI and just what other options it had to protect itself from being cloned out of its own market?

Well, there are plenty of ways they could have taken instead of bricking hardware. And it obviously is a problem for them when they are taking such ridiculous action as to sabotage someone else's hardware.

Such as?

Nag screen when you plug in a device something like what microsoft do, in form the user and annoy them slightly then let them on their way 

"You may be a victim of USB hardware counterfeiting, please contact your supplier to ensure they use only genuine FTDI parts"

[nctnico]

Parody patch sent for linux kernel. 

https://lkml.org/lkml/2014/10/23/129

It seems the official Linux kernel is already patched to keep using the bricked FT232 devices. https://www.mail-archive.com/linux-usb@vger.kernel.org/msg50762.html
I also see that the driver supports a healthcare device so I hope there are real FTDI devices in there.

[German_EE]

After going through my USB devices it appears that I may need to be careful with one item:

Logic Analyzer Bus 001 Device 004: ID 0925:3881 Lakeview Research

MiniVNA Bus 006 Device 003: ID 0403:6001 Future Technology Devices International, Ltd FT232 USB-Serial (UART)

Picoscope Bus 002 Device 003: ID 0ce9:1001 pico Technology PicoScope3204

Parallel Port Interface Bus 006 Device 004: ID 067b:2305 Prolific Technology, Inc. PL2305 Parallel Port

Old Webcam Bus 006 Device 005: ID 093a:2460 Pixart Imaging, Inc. Q-TEC WEBCAM 100

New Webcam Bus 002 Device 007: ID 046d:082b Logitech, Inc.

I have no idea if the FTDI chip in my MiniVNA is genuine or a fake and just to get to the chip will mean a complete strip down. I may wait a few days to see if the patch is removed by Microsoft.

[krater]

AND:It's NOT illegal to sell the chip.

Yes it is. As it is illegal to even send it abroad tor return back to the seller as any other counterfeit.

Why should it be illegal ? the chip is not a copy, its a rebuild from reverse engineering and datasheets. Thats legal in the complete eu and in many other countries. in china, where the chips are developed its legal too. So can you me name ANY real reason why this chips should be illegal ?

[Immortal]

FTDI is at fault for this as they were the ones who passed on the driver to Microsoft to be included in the update. Microsoft are doing as they have always done and take the word of the manufacturers that what they are going to be including into their update will not be malicious to preexisting devices.

Yes it's a pain that this situation has come about and yes it's a pain that some peoples devices are being affected by this, but it is not the customers fault that devices are being bricked, intentionally or not. The fact of the matter is that this situation has happened. The only foreseeable way out of this is for FTDI to change their code to support correcting this issue in affected devices, which they will not want to do or foot the bill for as it's not their product in the device which is now broken.

Such as the situation is bad, this has highlighted sellers of this chip so people who have bought fake chips know where they bought them from and those places should be listed as not to further the problem. Microsoft should reverse the update so that it doesn't affect any further devices and those with affected devices will have to foot the bill and pass that back on to the manufacturing and sellers of the fake devices which were purchased.

In the long run, it's a terrible thing that has happened but but it can be reversed on most devices and once Microsoft pulls the update those devices will be able to work again, albeit that FTDI won't want to be changing their source... they should think about doing so as a customer relations exercise.

[wraper]

AND:It's NOT illegal to sell the chip.

Yes it is. As it is illegal to even send it abroad tor return back to the seller as any other counterfeit.

Why should it be illegal ? the chip is not a copy, its a rebuild from reverse engineering and datasheets. Thats legal in the complete eu and in many other countries. in china, where the chips are developed its legal too. So can you me name ANY real reason why this chips should be illegal ?

If you can find a single clone that is not marked as FT232, then maybe. But I'm not aware of such existing, as they are mostly prolific clones. Anyway now people are yelling about bricking devices where are chips with FTDI and FT232Rx written on them indeed. I'm not big supporter of such tactics, but i think that technically it is OK to do in legal aspect.

[Simon]

I bought an FTDI cable from farnell, it came with no driver so FTDI seem to be maliciously using microsoft as a distribution medium as a device that was originally installed by windows is more likely to have an update installed for it by windows......

If FTDI supplied a driver then they could remote;ly argue that they aren't responsible for the choice of drivers used.

[krater]

AND:It's NOT illegal to sell the chip.

Yes it is. As it is illegal to even send it abroad tor return back to the seller as any other counterfeit.

Why should it be illegal ? the chip is not a copy, its a rebuild from reverse engineering and datasheets. Thats legal in the complete eu and in many other countries. in china, where the chips are developed its legal too. So can you me name ANY real reason why this chips should be illegal ?

If you can find a single clone that is not marked as FT232, then maybe. But I'm not aware of such existing, as they are mostly prolific clones. Anyway now people are yelling about bricking devices where are chips with FTDI and FT232Rx written on them indeed. I'm not big supporter of such tactics, but i think that technically it is OK to do in legal aspect.

The thing is, the driver will destroy the chips that are not marked as FTDI too. In germany(and I think EU too) we have laws against this.

Technically all you can do is okay. But technically if FTDI has a security problem of his computers it's okay too to steal all it's IP and sell it to china. They are dumb enough to don't close the security flaw, so they must suffer. But shall we really think just technically ?

I think its really dumb to do that, because it's just breaks old payd working devices, and some new ones. The new ones will now equiped with better fakes or chips from other vendors. The win of this is volatile. the image problem for FTDI will remain.

[andersm]

So what makes it impossible that someone in china bought 1k FTDI chips and is willing to sell them to me at cost+shipping+margin ending up cheaper than Farnell at 5, 10 or 20 quantity?

Nothing, but if you buy from a source that doesn't offer the traceability of distributors, that's a chance you're willing to take. You're also willing to accept that the parts may have suffered from ESD damage, been improperly stored and all the other things distributors take care of.

Edit:And if the war runs long enough, chinese cloners have perfect rebuilds that works like the original with no chance to test for the driver.

That goes without saying. The only question is how long it takes for the current generation of clones to disappear from the market.

Why should it be illegal ? the chip is not a copy, its a rebuild from reverse engineering and datasheets. Thats legal in the complete eu and in many other countries. in china, where the chips are developed its legal too. So can you me name ANY real reason why this chips should be illegal ?

The chips are sold as FTDI chips, bearing the FTDI markings. That makes them counterfeits, and selling them is not legal in the EU.

[Simon]

So what makes it impossible that someone in china bought 1k FTDI You're also willing to accept that the parts may have suffered from ESD damage, been improperly stored and all the other things distributors take care of.

And would you like a tin hat to go with that ? I've never had problems and use paper bags

I bought 1000 ATmega328's from Farnell only to find that they were packed in the shittiest tubes I've ever seen (looked more like extra thick socket tubes) with wrong sized rubber plugs, they fell out got all bent up in the box and some didn't even work, god knows how they ended up in non atmel branded tubes of random lengths. I could be forgiven for thinking they had been swept up from a factory floor and repackaged.......

Good news is that I program the arduino bootloaders myself so any dodgy ones show up and get canned by me.

[hans]

I can think of 2 issues why FTDI would do this, and why they should not do this:

The biggest problem I can think of is support for FTDI. If a customer have had a batch made in China, came back for compliance testing and failed on the USB part. "But I thought we were using the FTDI chip correctly - all engineering data looked OK; let's contact FTDI!". It would be a very nasty surprise for both parties if it turns out the chips were fake. I suspect they have had numerous cases of this happening, which had maybe costed them a lot of money and faith for those customers. Resetting the Vendor ID sounds like:  "get of my USB lawn!" - which is OK-ish.

However their software states you can only use it with official FTDI chips. Unless I have read over it, but does that also reserve them the right to interface and interact with chips that are not official FTDI? If it does, then it was OK in the first place to use FTDI-compliant chips with their driver. But that is obviously not what they want.
So I assume their driver license excludes the usage of unofficial FTDI chips with their driver - so why they the hell are they interfacing with it in the first place and change the ID? Or will they defend this as the only detection mechanism for a counterfeit chip?

I would have thought a better solution would be that the FTDI chip wouldn't enumerate and display the device descriptor as "Counterfeit FT232RL". Bricking the chips and affecting end customers is rather.. how the Chinese works. They will probably be beaten by experience at that level.

[krater]

Why should it be illegal ? the chip is not a copy, its a rebuild from reverse engineering and datasheets. Thats legal in the complete eu and in many other countries. in china, where the chips are developed its legal too. So can you me name ANY real reason why this chips should be illegal ?

The chips are sold as FTDI chips, bearing the FTDI markings. That makes them counterfeits, and selling them is not legal in the EU.

No, the CHIPS are marked as SR1107 SUPEREAL, the epoxid where the chips in are marked as FTDI. But are you sure all chips hat FTDI cases ? I'm not.

[andersm]

No, the CHIPS are marked as SR1107 SUPEREAL, the epoxid where the chips in are marked as FTDI. But are you sure all chips hat FTDI cases ? I'm not.

Show me even one instance where that has happened. As far as I'm concerned, it's just hyperbole and hypotheticals.

[wraper]

But shall we really think just technically ?

That's what lawyers and judicial system are for. So bastards can technically be clean and get away according to the law  .

[FPGAcrazy]

I understand there are a lot of angry people out there. But I have some remarks to think about.

1. FTDI detects that the chips are counterfeit, however the process of doing this bricks the counterfeit chips. The copy is not functional equivalent to the real FTDI chip and therefor stops working.
2. After this detection process the chip is left in a undefined state. Is it really the task of FTDI to clean this up?
3. If they choose to do the test and restore the content of the eeprom it will also result in a massive failure of devices. Because frequently programming and erassing an eeprom will certaintly destroy it. Keep in mind that the FTDI device eeprom is not programmed using this detection circuit.

I agree, that this detection method is a lost cause. Because counterfeit chips will have the same behaviour in approximately 3 to 4 months. This will make them even harder to detect.

Comparing INTEL vs AMD is not a good comparising in this case, because they have cross licensing deals. AMD did not reverse engineer the chips, but had a license to produce the design from INTEL for INTEL. AMD manufactored copyright by INTEL and so on.

FTDI is only preventing user from using their driver with counterfeit chips. There is nothing wrong with this.
This process also prevents reverting to older driver. For now this works.

The question is also how good do these chips work and are they fully compatible. The answer for now is NO and therefor can't be used with the FTDI driver.

The USB vendor id and product id are reserved for and by FTDI. Using them results in a non working plug and play system.

The chips are sold as counterfeits and therefor they should not be used. This is very simple and is valid in the whole of europe.  A fake Rolex will also be destroyed and the buyer is responsible for this. Actually buying counterfeit products is a crime.

Ok my thoughts on the subject.

[XFDDesign]

So...
there's this drug dealer.
He sells the good stuff.
And there's these people who like drugs.
So they buy lots of drugs from him
and then some other dealer moves in
and sells drugs of lesser quality... but similar
So they start going to this new guy
and the older dealer?
what does he do?
RIGHT
he shoots the junkies.

[marcan]

1. FTDI detects that the chips are counterfeit, however the process of doing this bricks the counterfeit chips. The copy is not functional equivalent to the real FTDI chip and therefor stops working.
2. After this detection process the chip is left in a undefined state. Is it really the task of FTDI to clean this up?

This is incorrect. FTDI doesn't actually detect that the chips are counterfeit at all. The driver, instead, uncoditionally, and without feedback, issues a set of commands that have been carefully and meticulously crafted to do nothing to a real FT232RL (and only FT232RL - they'd almost certainly brick other FT*** chips!) while bricking a counterfeit chip. The driver doesn't even check if the device was bricked/modified/a clone. In fact, I believe the driver will work fine with a clone the first time it's plugged in - until the device is reset, the new EEPROM content is applied, and the brick becomes evident.

3. If they choose to do the test and restore the content of the eeprom it will also result in a massive failure of devices. Because frequently programming and erassing an eeprom will certaintly destroy it. Keep in mind that the FTDI device eeprom is not programmed using this detection circuit.

EEPROMs are usually pretty resilient (unlike Flash), and only counterfeit chips would actually be programmed, and then only once each time they are enumerated. This would not affect their customers, nor will it realistically affect the clones either, unless their EEPROM array is crap.

This is unquestionably a deliberate act by FTDI to brick clone devices. It's not a "clone detection that unfortunately bricks them". They went for the kill, going as far as reversing their own checksum routine to be able to bypass the checksum in a way that only takes effect on clones. I suspect someone at FTDI might think they're safe because "well, we issue the same commands to all chips, it's not our fault that only clones are affected!!!!", but that's not going to stand up in court when it is evident and unquestionable that the code has been designed for the sole purpose and effect of bricking clone chips.

FTDI is only preventing user from using their driver with counterfeit chips. There is nothing wrong with this.

Uh, no. FTDI's driver makes the victim device not work with *any* driver. FTDI did not write the driver that Linux uses. Plugging a clone into a Windows box running FTDI's driver will make it stop working on a Linux box which has nothing to do with their intellectual property. This is deliberate destruction (or at least damage) of property, and almost certainly illegal in most reasonable jurisdictions.

For now this works.

You mean for now this doesn't work and people's devices are now broken.

The question is also how good do these chips work and are they fully compatible.

They were until FTDI decided to latch onto implementation minutiae to destroy them. There's a difference between a functional clone and a 100% perfect bug-compatible replica.

The USB vendor id and product id are reserved for and by FTDI.

If you want to use the USB logo.

Using them results in a non working plug and play system.

No, using them results in their driver being loaded. Or someone else's driver for FTDI chips (like the one in Linux). Nothing more, nothing less. In fact, I would strongly consider using their VID and PID if I were writing USB-serial firmware for something and wanted it to work anywhere (though I'd probably end up going for CDC if that works out of the box on Windows these days). And it would be perfectly legitimate. It's a number, and FTDI have no legal protection from others using it.

The chips are sold as counterfeits and therefor they should not be used.

Agreed. This, unfortunately, has nothing to do with the unlucky manufacturers and especially end-users who unintentionally ended up with counterfeits.

This is very simple and is valid in the whole of europe.  A fake Rolex will also be destroyed and the buyer is responsible for this. Actually buying counterfeit products is a crime.

Nope. Only in France and Italy. Buying counterfeit products is legal in the rest of the world. You're even allowed to knowingly import one counterfeit item per class into the US. *Selling* counterfeit products is illegal. Buyers/end-users have no fault in any of this, and destroying their hardware because it's counterfeit is *WRONG*.

[amyk]

If you can find a single clone that is not marked as FT232, then maybe. But I'm not aware of such existing, as they are mostly prolific clones. Anyway now people are yelling about bricking devices where are chips with FTDI and FT232Rx written on them indeed. I'm not big supporter of such tactics, but i think that technically it is OK to do in legal aspect.

Yes there are certainly FT232-compatible ICs with no FTDI markings on them.

I did a bit more digging on 'Supereal' and found that they also make a USB-ethernet IC.. Note that there are absolutely no markings on the IC, but the die has "SUPEREAL SR1002" on it. Following the lead that this is supposed to be an "RD9700"-compatible IC (another obscure Chinese part), I found the "SR9700" and traced that to this Chinese company, which also happens to make a USB-serial IC named the "SR6866" (or SR6865, depending on which page of the site you trust...) and another curiously-named SR2303HX - a Prolific clone. I think we have a match.

tl;dr: These "fake" FT232-compatible ICs are produced by a Chinese company named CoreChips, with their own part numbers, and they are almost certainly not selling them with FTDI markings - as this image of the Prolific clone shows. It's legal to create a competing and compatible product through reverse-engineering. It's not legal to put FTDI's name on it, which is probably being done by someone else downstream.

Comparing INTEL vs AMD is not a good comparising in this case, because they have cross licensing deals. AMD did not reverse engineer the chips, but had a license to produce the design from INTEL for INTEL. AMD manufactored copyright by INTEL and so on

They now have cross-licensing, but AMD reverse-engineered and cloned the 386.