Author Topic: FTDI driver kills fake FTDI FT232??  (Read 946950 times)

0 Members and 2 Guests are viewing this topic.

Offline hpux735

  • Contributor
  • Posts: 39
Re: FTDI driver kills fake FTDI FT232??
« Reply #500 on: October 23, 2014, 11:29:36 pm »
I just did a little poking, and the CP2110 actually looks freaking awesome.  Looks like it has support for making your own "devices" that don't just show up as com ports, but they do use standard usb HID drivers on windows.  All you need is a simple dll bundled with your app and you've got a serial style connection to the device.  No crazy drivers, no hunting for the right ports.  Looks awesome to me!

This is the biggest risk of companies pulling shenanigans like this.  The last thing that you want is your customers to ask the question "What other options are there?"  Once that question is asked, you're in trouble.  If you can keep them "fat, dumb, and happy" then you're likely to keep them.

I realize that their worried about their future, and they have a right to try to protect their IP, but this is a very dangerous move.
 

Offline Vendan

  • Newbie
  • Posts: 6
Re: FTDI driver kills fake FTDI FT232??
« Reply #501 on: October 23, 2014, 11:32:12 pm »
I just did a little poking, and the CP2110 actually looks freaking awesome.  Looks like it has support for making your own "devices" that don't just show up as com ports, but they do use standard usb HID drivers on windows.  All you need is a simple dll bundled with your app and you've got a serial style connection to the device.  No crazy drivers, no hunting for the right ports.  Looks awesome to me!

This is the biggest risk of companies pulling shenanigans like this.  The last thing that you want is your customers to ask the question "What other options are there?"  Once that question is asked, you're in trouble.  If you can keep them "fat, dumb, and happy" then you're likely to keep them.

I realize that their worried about their future, and they have a right to try to protect their IP, but this is a very dangerous move.

Exactly.  I would love for my arduino IDE to have a list of connected arduinos pop up as programming targets, rather then a list of com ports.  Or even, *gasp*, it just working when I hit upload cause there's only one arduino!
 

Offline waldo

  • Contributor
  • Posts: 10
Re: FTDI driver kills fake FTDI FT232??
« Reply #502 on: October 23, 2014, 11:50:14 pm »
Another advantage to the CP2110 is that it is compatible with Android if the device supports USB Host.  I used one on an Android-based project last year and it worked well.
 

Offline MicroHex

  • Newbie
  • Posts: 2
Re: FTDI driver kills fake FTDI FT232??
« Reply #503 on: October 24, 2014, 12:21:17 am »
 

Online mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 13695
  • Country: gb
    • Mike's Electric Stuff
Re: FTDI driver kills fake FTDI FT232??
« Reply #504 on: October 24, 2014, 12:23:07 am »

No idea why they think this helps, but oh well. :-//

..so they can add a more explicit warning of imminent device destruction...?
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 

Offline mrflibble

  • Super Contributor
  • ***
  • Posts: 2051
  • Country: nl
Re: FTDI driver kills fake FTDI FT232??
« Reply #505 on: October 24, 2014, 12:31:46 am »

No idea why they think this helps, but oh well. :-//

..so they can add a more explicit warning of imminent device destruction...?
Ah, the remaining .exe file shows you a popup with such a warning? I missed that.
 

Offline marcan

  • Regular Contributor
  • *
  • Posts: 80
  • If it ain't broke I'll fix it anyway.
    • My blog
Re: FTDI driver kills fake FTDI FT232??
« Reply #506 on: October 24, 2014, 12:32:13 am »
By the way, I don't think anyone has brought this up yet.

How do we know that in the future this, or similar actions taken in FTDI's driver won't accidentally brick legitimate FTDI devices? I can easily envision a particular - maybe old - hardware version of one of their devices being left out of a test matrix and then suddenly FTDI (and their customers and customers' customers) are hoist by their own petard.

No, the risk is too great now to use FTDI chips - legitimate or otherwise - anymore.

The way the bricking works, that seems unlikely - there's no per-device detection, it's already 'trying' to brick all devices and authentic ones are just not vulnerable to the method used.
Actually, they do detect what type of device is plugged in, and only issue the bricking commands to FT232RLs. In fact, the same commands will brick other genuine FTDI devices with an external EEPROM too, if the code didn't check for them. The FT232RL is the odd man out; the clones actually behave the same as FTDI's other chips, which is what their USB command protocol was clearly intended to do. FT232RLs have a buffering hack due to their EEPROM layout, and that specifically is what the clones didn't catch on to, and what the bricking code exploits.


Sidenote: code bug here. They forgot to return a value for non-FT232RL devices, when the if branch isn't taken. This caused the return register to contain an uninitialized value - in this case, the FTDIDevice *dev parameter - which confused the decompiler into thinking the return value's type is FTDIDevice* instead of int (I could've fixed the type but didn't bother). They don't use the return value in the caller, so this is harmless, but still, bad FTDI, ignoring compiler warnings. Doesn't instill much confidence that they don't even check for compiler warnings on their critical bricking code that might brick legitimate devices if it malfunctions.
 

Online mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 13695
  • Country: gb
    • Mike's Electric Stuff
Re: FTDI driver kills fake FTDI FT232??
« Reply #507 on: October 24, 2014, 12:43:29 am »

No idea why they think this helps, but oh well. :-//

..so they can add a more explicit warning of imminent device destruction...?
Ah, the remaining .exe file shows you a popup with such a warning? I missed that.
I don't know - just a guess.
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 

Offline CrosseyeJack

  • Contributor
  • Posts: 25
  • Country: gb
Re: FTDI driver kills fake FTDI FT232??
« Reply #508 on: October 24, 2014, 12:52:57 am »
From: http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/

Quote
Update: Microsoft has given us a statement:

Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update. :palm:

Sounds like MS stepped up and put them in their place over this issue...

PS SIMON.... I never figured you were sparkylabs... I've ordered a number of stuff off you in the past and always been happy :-) (Waves)
 

Offline ovnr

  • Frequent Contributor
  • **
  • Posts: 658
  • Country: no
  • Lurker
Re: FTDI driver kills fake FTDI FT232??
« Reply #509 on: October 24, 2014, 12:54:14 am »
This just in, Microsoft pulls two FTDI drives from Windows Update.

http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/

Confirmed - I had a FTDI update sitting in my Windows Update queue a week ago (I don't install WU device driver updates because these things happen - not bricking, but unintentionally fucking things up - I'd rather go to the mfg to read the release notes first). It's gone now, after doing an update check.
 

Offline Zeta

  • Contributor
  • Posts: 49
Re: FTDI driver kills fake FTDI FT232??
« Reply #510 on: October 24, 2014, 01:00:39 am »
I just did a little poking, and the CP2110 actually looks freaking awesome.  Looks like it has support for making your own "devices" that don't just show up as com ports, but they do use standard usb HID drivers on windows.  All you need is a simple dll bundled with your app and you've got a serial style connection to the device.  No crazy drivers, no hunting for the right ports.  Looks awesome to me!

This is the biggest risk of companies pulling shenanigans like this.  The last thing that you want is your customers to ask the question "What other options are there?"  Once that question is asked, you're in trouble.  If you can keep them "fat, dumb, and happy" then you're likely to keep them.

the guys crying out loud  are probably the guys selling fake ftdi chips or devices containing fake ftdi chips

I realize that their worried about their future, and they have a right to try to protect their IP, but this is a very dangerous move.
only if they affect actual customers.
for a chip manufacturer, hobbyists like you or me are not their real customers, hobbyist market is a really small market. Their customers are the guys who design/build devices. The driver update affect manufacturer who don't buy their chips anyway so not their real customer and would probably make more manufacturers buy the real thing next time.
Bricking fake devices actually protect their real customers and their customer's customers.
 

Offline mrflibble

  • Super Contributor
  • ***
  • Posts: 2051
  • Country: nl
Re: FTDI driver kills fake FTDI FT232??
« Reply #511 on: October 24, 2014, 01:08:41 am »
I don't know - just a guess.
I got the impression that they removed the link to the .zip file after someone posted about a workaround by using the .INF file (found in the zip) and then specifying the desired VID/PID. As opposed to the automated installation you'd get by default using the .exe. But not sure. :-//
 

Offline nctnicoTopic starter

  • Super Contributor
  • ***
  • Posts: 26757
  • Country: nl
    • NCT Developments
Re: FTDI driver kills fake FTDI FT232??
« Reply #512 on: October 24, 2014, 01:18:33 am »
The driver update affect manufacturer who don't buy their chips anyway so not their real customer and would probably make more manufacturers buy the real thing next time.
Bricking fake devices actually protect their real customers and their customer's customers.
I guess you didn't read the comments from the pros on this forum. Some explain having had (crisis) meetings about the impact of FTDI sabotage driver. Thinking it is possible to buy 100% real devices in mass production is being naive. There is no guarantee a counterfeit product doesn't end up in a device. That means using FTDI chips poses the risk a device stops working which in turn results in an angry customer or even damage claims. Such a risk is unacceptable for any business so the clever move is to stop using FTDI at all.
« Last Edit: October 24, 2014, 01:20:20 am by nctnico »
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline nsayer

  • Regular Contributor
  • *
  • Posts: 133
  • Country: us
    • Geppetto Elecronics
Re: FTDI driver kills fake FTDI FT232??
« Reply #513 on: October 24, 2014, 01:20:19 am »
Reading between the lines, it would appear that Microsoft has bitch-slapped FTDI

http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/

look near the bottom
Buy my stuff!! It's not at all terrible!! http://tindie.geppettoelectronics.com/
 

Offline CrosseyeJack

  • Contributor
  • Posts: 25
  • Country: gb
Re: FTDI driver kills fake FTDI FT232??
« Reply #514 on: October 24, 2014, 01:21:37 am »
I just did a little poking, and the CP2110 actually looks freaking awesome.  Looks like it has support for making your own "devices" that don't just show up as com ports, but they do use standard usb HID drivers on windows.  All you need is a simple dll bundled with your app and you've got a serial style connection to the device.  No crazy drivers, no hunting for the right ports.  Looks awesome to me!

This is the biggest risk of companies pulling shenanigans like this.  The last thing that you want is your customers to ask the question "What other options are there?"  Once that question is asked, you're in trouble.  If you can keep them "fat, dumb, and happy" then you're likely to keep them.

the guys crying out loud  are probably the guys selling fake ftdi chips or devices containing fake ftdi chips

I realize that their worried about their future, and they have a right to try to protect their IP, but this is a very dangerous move.
only if they affect actual customers.
for a chip manufacturer, hobbyists like you or me are not their real customers, hobbyist market is a really small market. Their customers are the guys who design/build devices. The driver update affect manufacturer who don't buy their chips anyway so not their real customer and would probably make more manufacturers buy the real thing next time.
Bricking fake devices actually protect their real customers and their customer's customers.

But you have firms like Microchip who will happily give out free samples to hobbyists which I am sure is because they not only see us as future customers but in your own words as their future customer customers.

I only only see myself as a hobbyist but I sell my stuff (Does selling your skills make you a professional or not? I have made my limited skills into a profession for me. I dunno...). What this whole issue has told me is if I want to add a USB-Serial Device I am going to stay away from "Future Tremendous Disaster Incoming" and go with someone else.

Yeah sure they are not making mega bucks off me selling me chips (So they don't really care about me as a customer, but they should) and I don't like counterfeit chips as much as the next guy. So why should I run the risk that I fuck up and get in some fakes when I think I am going though legit sources and then cause my customers headaches down the road when there are plenty of other options to fill the USB-Serial need.

FTDI have shown they don't care about me nor my customers (As I am not big enough for them) so I'm not going to give them two thoughts about them. I'm sure they will survive without me as a customer but I know I will survice without them being a supplier of mine.
« Last Edit: October 24, 2014, 01:23:15 am by CrosseyeJack »
 

Offline Vendan

  • Newbie
  • Posts: 6
Re: FTDI driver kills fake FTDI FT232??
« Reply #515 on: October 24, 2014, 01:39:01 am »
I just did a little poking, and the CP2110 actually looks freaking awesome.  Looks like it has support for making your own "devices" that don't just show up as com ports, but they do use standard usb HID drivers on windows.  All you need is a simple dll bundled with your app and you've got a serial style connection to the device.  No crazy drivers, no hunting for the right ports.  Looks awesome to me!

This is the biggest risk of companies pulling shenanigans like this.  The last thing that you want is your customers to ask the question "What other options are there?"  Once that question is asked, you're in trouble.  If you can keep them "fat, dumb, and happy" then you're likely to keep them.

the guys crying out loud  are probably the guys selling fake ftdi chips or devices containing fake ftdi chips

I realize that their worried about their future, and they have a right to try to protect their IP, but this is a very dangerous move.
only if they affect actual customers.
for a chip manufacturer, hobbyists like you or me are not their real customers, hobbyist market is a really small market. Their customers are the guys who design/build devices. The driver update affect manufacturer who don't buy their chips anyway so not their real customer and would probably make more manufacturers buy the real thing next time.
Bricking fake devices actually protect their real customers and their customer's customers.

But you have firms like Microchip who will happily give out free samples to hobbyists which I am sure is because they not only see us as future customers but in your own words as their future customer customers.

I only only see myself as a hobbyist but I sell my stuff (Does selling your skills make you a professional or not? I have made my limited skills into a profession for me. I dunno...). What this whole issue has told me is if I want to add a USB-Serial Device I am going to stay away from "Future Tremendous Disaster Incoming" and go with someone else.

Yeah sure they are not making mega bucks off me selling me chips (So they don't really care about me as a customer, but they should) and I don't like counterfeit chips as much as the next guy. So why should I run the risk that I fuck up and get in some fakes when I think I am going though legit sources and then cause my customers headaches down the road when there are plenty of other options to fill the USB-Serial need.

FTDI have shown they don't care about me nor my customers (As I am not big enough for them) so I'm not going to give them two thoughts about them. I'm sure they will survive without me as a customer but I know I will survice without them being a supplier of mine.

Heh, just look at 3d printers.  I'm sure somebody scoffed at RepRap, but I know people that have spend hundreds on just the electronics.  Speaking of, I wonder how many 3d printers got killed by this.  A lot of reprap stuff uses offbrand arduino clones.
 

Offline HackedFridgeMagnet

  • Super Contributor
  • ***
  • Posts: 2028
  • Country: au
Re: FTDI driver kills fake FTDI FT232??
« Reply #516 on: October 24, 2014, 01:41:05 am »
from  http://arstechnica.com
Quote
Update: Microsoft has given us a statement:

Quote
    Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update.

Love to be a fly on the wall in FTDI HQ when they are discussing this.
 

Offline nsayer

  • Regular Contributor
  • *
  • Posts: 133
  • Country: us
    • Geppetto Elecronics
Re: FTDI driver kills fake FTDI FT232??
« Reply #517 on: October 24, 2014, 01:44:05 am »
from  http://arstechnica.com
Quote
Update: Microsoft has given us a statement:

Quote
    Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update.

Love to be a fly on the wall in FTDI HQ when they are discussing this.

I'm pretty sure that that conversation (between Microsoft and FTDI) was a straight-up bitch-slap.
Buy my stuff!! It's not at all terrible!! http://tindie.geppettoelectronics.com/
 

Offline krater

  • Regular Contributor
  • *
  • Posts: 60
  • Country: de
Re: FTDI driver kills fake FTDI FT232??
« Reply #518 on: October 24, 2014, 01:45:20 am »
from  http://arstechnica.com
Quote
Update: Microsoft has given us a statement:

Quote
    Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update.

Love to be a fly on the wall in FTDI HQ when they are discussing this.

Oh yes, and then when FTDI is discussing the profit of the next quarter.
« Last Edit: October 24, 2014, 01:57:44 am by krater »
"it was working yesterday.  hmmm.  maybe the vendor FTDI'd me via a windows update..."
 

Offline CrosseyeJack

  • Contributor
  • Posts: 25
  • Country: gb
Re: FTDI driver kills fake FTDI FT232??
« Reply #519 on: October 24, 2014, 02:02:32 am »
from  http://arstechnica.com
Quote
Update: Microsoft has given us a statement:

Quote
    Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update.

Love to be a fly on the wall in FTDI HQ when they are discussing this.

Oh yes, and then when FTDI is discussion the profit of the next quarter.

Well I don't really think FTDI's update is going to effect MS's profits for next quarter (Tounge in cheek: MS are going a fine job of that themselves... Though Win 10 TP isn't the horse crap Win 8 was....) And(I misread the post... Sorry) its not really going to effect FTDI's next quarter because A) its too short of a time period for people to jump ship, Their "Big" customers have already locked in their designs to change supplier b) I can see them reversing ship pretty quickly now it has come to attention (even though there have been reports of this for over a month, but those reports fall into the the "small enough not to give a crap about" bracket).
 

Offline krater

  • Regular Contributor
  • *
  • Posts: 60
  • Country: de
Re: FTDI driver kills fake FTDI FT232??
« Reply #520 on: October 24, 2014, 02:09:27 am »
from  http://arstechnica.com
Quote
Update: Microsoft has given us a statement:

Quote
    Yesterday FTDI removed two driver versions from Windows Update. Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update.

Love to be a fly on the wall in FTDI HQ when they are discussing this.

Oh yes, and then when FTDI is discussion the profit of the next quarter.

Well I don't really think FTDI's update is going to effect MS's profits for next quarter (Tounge in cheek: MS are going a fine job of that themselves... Though Win 10 TP isn't the horse crap Win 8 was....) And(I misread the post... Sorry) its not really going to effect FTDI's next quarter because A) its too short of a time period for people to jump ship, Their "Big" customers have already locked in their designs to change supplier b) I can see them reversing ship pretty quickly now it has come to attention (even though there have been reports of this for over a month, but those reports fall into the the "small enough not to give a crap about" bracket).

Okay, ack, you're right. The big players will need some more time. And the impact of better china copies will need more time too. So maybee for the short time they have more profit. Maybee the responsible manager gets his bonus payment before he changes to another company.


EDIT:looks like the typical turbocapitalistic way...
« Last Edit: October 24, 2014, 02:11:18 am by krater »
"it was working yesterday.  hmmm.  maybe the vendor FTDI'd me via a windows update..."
 

Offline CrosseyeJack

  • Contributor
  • Posts: 25
  • Country: gb
Re: FTDI driver kills fake FTDI FT232??
« Reply #521 on: October 24, 2014, 02:14:36 am »
What makes me laugh about all this is that once some people decapped a fake chip (because it was just returning 0's) and reported their finding to FTDI they asked for feedback, They suggested instead of sending 0's back the driver sent back something like "FAKECHIP" So the driver didn't work and what ever software was running on it could inform the user of the issue stead of just not working.

When Mike brought FTDI up over the rewriting of the PID on twitter they asked him for "suggestions on how to do it" https://twitter.com/FTDIChip/status/524931435077963776 When they had a) already given out a driver that just ignored the fake chips b) were given a suggestion on how to make it so 3rd party software would know its a fake chip.

I guess they saw driver roll back too much as a threat and just decided to nip the issue in the butt (and create themselves a bigger issue in the long run)...

I'm just looking forward to the FTDI Press release over this... I just need some warning so I can pop some fresh corn :-)
« Last Edit: October 24, 2014, 02:26:56 am by CrosseyeJack »
 

Offline Rasz

  • Super Contributor
  • ***
  • Posts: 2616
  • Country: 00
    • My random blog.
Re: FTDI driver kills fake FTDI FT232??
« Reply #522 on: October 24, 2014, 02:33:16 am »
Uh, no. FTDI's driver makes the victim device not work with *any* driver. FTDI did not write the driver that Linux uses. Plugging a clone into a Windows box running FTDI's driver will make it stop working on a Linux box

not true, Linux is already patched and will work with your fake


I have an Arduino compatible board purchased from Farnell which was built by a fairly reputable manufacturer.  It seems that it's detected as being a counterfeit by the FTDI driver.

If I'm left with a dead device which I bought in good faith from a reputable supplier and manufacturer

You arent left, you need to contact Farnell for replacement/refund. Farnell sold you a fake.
Who logs in to gdm? Not I, said the duck.
My fireplace is on fire, but in all the wrong places.
 

Offline nsayer

  • Regular Contributor
  • *
  • Posts: 133
  • Country: us
    • Geppetto Elecronics
Re: FTDI driver kills fake FTDI FT232??
« Reply #523 on: October 24, 2014, 02:58:36 am »
Uh, no. FTDI's driver makes the victim device not work with *any* driver. FTDI did not write the driver that Linux uses. Plugging a clone into a Windows box running FTDI's driver will make it stop working on a Linux box

not true, Linux is already patched and will work with your fake

That's true insofar as the Linux kernel folks have released a patch that was a response to the damage caused by this malware. The way you said it, it implies that the damage caused by the Windows driver has no impact on Linux. This is false on two counts: 1. It impacts virtually all copies of Linux that are in actual use on the planet today, and 2. It requires a version of Linux that will accept a PID of 0, which is definitively non-standard.

And, by the way, if FTDI were so cheesed off about the clone chips hijacking FTDI's vendor ID, then why is it the product ID that they cleaned out?

Buy my stuff!! It's not at all terrible!! http://tindie.geppettoelectronics.com/
 

Offline Vendan

  • Newbie
  • Posts: 6
Re: FTDI driver kills fake FTDI FT232??
« Reply #524 on: October 24, 2014, 03:08:22 am »
Uh, no. FTDI's driver makes the victim device not work with *any* driver. FTDI did not write the driver that Linux uses. Plugging a clone into a Windows box running FTDI's driver will make it stop working on a Linux box

not true, Linux is already patched and will work with your fake

That's true insofar as the Linux kernel folks have released a patch that was a response to the damage caused by this malware. The way you said it, it implies that the damage caused by the Windows driver has no impact on Linux. This is false on two counts: 1. It impacts virtually all copies of Linux that are in actual use on the planet today, and 2. It requires a version of Linux that will accept a PID of 0, which is definitively non-standard.

And, by the way, if FTDI were so cheesed off about the clone chips hijacking FTDI's vendor ID, then why is it the product ID that they cleaned out?

Do you want the real reason, or the PR reason?  Cause the real reason is that they could run the code to change the product id on a clone chip or on a real chip, and it'd only mess up the clone chip.  Vendor ID, I'm fairly certain, is on an odd offset, so it wouldn't get buffered like that on the real chip.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf