Author Topic: FTDI driver kills fake FTDI FT232??  (Read 946906 times)

0 Members and 3 Guests are viewing this topic.

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1350 on: October 31, 2014, 05:28:22 am »
Wow, that philosophy wouldn't last two minutes in a proper customer-support organization. How astonishingly clueless about the end-user support world.

Please elaborate on how you think the entire all industries all fields of work end user support world should work. Does everyone get a personal IT support person standing by their side to guide them through the terribly complex process of pointing, clicking, and typing into this strange box the strange person calls a computer?

Which by the way if you want I can do it for you personally for free online to fix the FTDI PID issues if you have any. In IT support if the person is at an ends of their ability then yes people take over but you shouldn't hand hold 100% of the time and must adapt to the situation and person your talking to. For an IT group fixing things like this is peanuts compared to a bad windows update that wasn't caught in deployment testing which can cause many more problems.

 

Offline Richard Crowley

  • Super Contributor
  • ***
  • Posts: 4317
  • Country: us
  • KJ7YLK
Re: FTDI driver kills fake FTDI FT232??
« Reply #1351 on: October 31, 2014, 05:39:20 am »
You are talking to and about the kind of people who read these forums.

I am talking about the customers who buy the gadgets/appliances/whatever that have the FTDI chips in them. They have no clue what FTDI is, they just follow the instructions about plugging in the USB cable.  And if it doesn't work then they are on the phone for customer support.  They don't know what a driver is or what it does, they just follow the installation instructions and execute the batch file.

You seem to have an extremely narrow view of the world and who the real FTDI users are.  This debacle will likely put at least a few small companies out of business because FTDI bricked all their products and now they are trying to fight a forest fire.  You appear to have a real blind spot for the broader view of where and how FTDI chips are used out in the Real World.

I am currently working on a product that will use a USB interface for one version.  I feel fortunate that this happened before I committed to which solution to select. It will certainly not be FTDI.
« Last Edit: October 31, 2014, 05:44:00 am by Richard Crowley »
 

Offline miguelvp

  • Super Contributor
  • ***
  • Posts: 5550
  • Country: us
Re: FTDI driver kills fake FTDI FT232??
« Reply #1352 on: October 31, 2014, 05:55:47 am »
My wife is not technical at all and even she can install cyanogenmod on her phone.

People are more resourceful than you give them credit for. It's really not rocket science to launch a program, scan for the device and change the pid to 6001.

People replace their own screens and other parts on their cellphones and more complicated things than that by following instructables.

The bad economy has made people be more proactive and don't spend frivolously and fix things on their own instead of throwing something that doesn't work away..

But I guess we wait and see how many people are really affected by this that can't solve it on their own.

Edit: so far I have not heard of any consumer grade device affected by it, but I really haven't tried too hard to find out.

 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1353 on: October 31, 2014, 06:02:38 am »
My wife is not technical at all and even she can install cyanogenmod on her phone.

People are more resourceful than you give them credit for. It's really not rocket science to launch a program, scan for the device and change the pid to 6001.

People replace their own screens and other parts on their cellphones and more complicated things than that by following instructables.

The bad economy has made people be more proactive and don't spend frivolously and fix things on their own instead of throwing something that doesn't work away..

But I guess we wait and see how many people are really affected by this that can't solve it on their own.

Edit: so far I have not heard of any consumer grade device affected by it, but I really haven't tried too hard to find out.

Also don't people jailbreak, root their phones now regularly so much so it's a public issue. Those mods are not exactly super ultra-simple yet tons of people do it.
 

Offline miguelvp

  • Super Contributor
  • ***
  • Posts: 5550
  • Country: us
Re: FTDI driver kills fake FTDI FT232??
« Reply #1354 on: October 31, 2014, 06:05:20 am »
Well she couldn't have installed it without rooting the phone first, that goes without saying :)
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1355 on: October 31, 2014, 06:51:37 am »
You are talking to and about the kind of people who read these forums.

I am talking about the customers who buy the gadgets/appliances/whatever that have the FTDI chips in them. They have no clue what FTDI is, they just follow the instructions about plugging in the USB cable.  And if it doesn't work then they are on the phone for customer support.  They don't know what a driver is or what it does, they just follow the installation instructions and execute the batch file.

You seem to have an extremely narrow view of the world and who the real FTDI users are.  This debacle will likely put at least a few small companies out of business because FTDI bricked all their products and now they are trying to fight a forest fire.  You appear to have a real blind spot for the broader view of where and how FTDI chips are used out in the Real World.

I am currently working on a product that will use a USB interface for one version.  I feel fortunate that this happened before I committed to which solution to select. It will certainly not be FTDI.

People read forums in general, people read twitter, people use facebook, people talk to people, and tons and tons of people use google search. (It isn't just tech people that do this anymore it is far more mainstream than you seem to be implying)

People are not like a robots where in a robot it is actually dumb if you don't tell it exactly what to do it will do absolutely nothing (at best) forever.

Your going to get into a circular loop your view is also extremely narrow in that people are helpless and totally clueless and can't type into google or read text that clearly says what to do. Plus how many people use the "phone" any more most modern phones don't do phone very well, my nexus 4 had the happy the program crashed message in the middle of a call and I was like this is the world of apps. In any case the end result is explained in a nice example below. And if they did phone FTDI as microsoft suggested they would then probably go onto twitter getting angry at FTDI which would probably be a valid response because FTDI probably wouldn't help them at all and would probably suggest that the caller is at fault for having a fake part.

Also if you assume people are very clueless then they will be so clueless that they would have long lost the manual and contact info (Who reads that anyways) and just stare and listen to exactly what windows and since it says contact FT232R they say ok google what FT232R and contact FTDI instead of mfg because they forgot and just act like robots listening to whatever is right in front of them is telling them.

A good company like sparkfun will literally post our 1st party boards contain real parts and we are checking 3rd party ones now. A bad company is like FTDI sucks  (They do but that isn't going to help a end user).

A small company that dies because all their products contains fakes is not the subject of this thread which his about FTDI being mean/evil to end users. They should have sourced real parts and done proper quality control checks and verified that parts sent from reputable sources physically match the ones they are shipping (the fakes are not even identical on the outer case). Some level of technical competence is required to be a successful small business and if they lack the ability to do so then yes they may die but others won't. You seem to have a very odd view of corporate failure to detect fakes being the same level as end users being able to detect fakes, I do not expect everyone to be able to detect fakes but companies (academic/tiny/small/med/large) in the business of making electronics should be able to detect fakes on a basic level at least. (In our system we could even detect if a student substituted a fake on a loaned board it would be very visibly obvious when you have a couple hundred good ones around it)

You are free to use whatever company you want in your designs I am planning on single chip for one project with integrated USB because it needs to be very compact and robust for both dumb and hostile users scopes. Our older designs use FTDI chips and we have a large stock of them sitting around so they will keep using it as well for the foreseeable future because I'm 100% sure the chips are real.

Here is an easy example for a end user that doesn't know FTDI exists or what an FT232R is,

User plugs in device which they did not know had a fake FTDI device to their windows machine and they get a pop-up saying it doesn't work. They are like oh what is going on here (No they probably do not sit there in shock and stare at the screen with a dull blank gaze as if their entire world was upturned by a little innocuous text bubble until the medical professionals come in and preform an emergency brain restart) they think hey this was working just last week. They click on the big inviting bubble that says click for more information and the see. No driver found for FT232R contact the manufacturer for support. Since they are lazy go onto google and ask "What is FT232R". (They get a nice big description and go oh what the hell is that supposed to do, and see FTDI is the maker.) Then since they are also posting on twitter they look FTDI up there they get all the juicy details and or are the start of the social media viral storm and they enjoy it, they savor it, it drives them, etc... . Later people make youtube videos, countless forum posts, picture guides, point to official guides that do the same thing, rants, facebook it, spread the word around. And FTDI backtracks and the user is now hey wait I still have a fake here hmmm I want a refund no I demand a refund.

And it bears repeating that I do think FTDI is being mean/evil with PID altering and it looks to me very much like HDCP magic which I hate with a passion but FTDI does have the rights to stop the device from working with the driver so long as they do not alter the PID to make it non-plug and play. To an end user this is the same end result the device will no longer work. (A small business that failed to detect fakes may suffer as a result but this is why counterfeiting is bad and some level of detecting fake/scams is required more so for SMB as they can't weather any failures like all our devices are fake vs. a large company that can say only a tiny fraction of our devices are affected and so on)
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1356 on: October 31, 2014, 06:56:57 am »
Well she couldn't have installed it without rooting the phone first, that goes without saying :)

True, I believe the public issue is the addition, http://www.forbes.com/sites/andygreenberg/2013/03/04/as-white-house-backs-phone-unlocking-close-to-4-6-million-ipad-jailbreakers-left-in-legal-limbo/

Something few people could do wouldn't get the white houses attention.
 

Offline eneuro

  • Super Contributor
  • ***
  • Posts: 1528
  • Country: 00
Re: FTDI driver kills fake FTDI FT232??
« Reply #1357 on: October 31, 2014, 08:24:01 am »
I am currently working on a product that will use a USB interface for one version.  I feel fortunate that this happened before I committed to which solution to select. It will certainly not be FTDI.
Yep,  NO MORE FTDI  :-+

My wife is not technical at all and even she can install cyanogenmod on her phone.
I'm former IBM iSeries/AS400 developer and administrator and... have no idea what cyanogenmod  :wtf: it is and I do not have to since phone I'm using works fine more than 5 years without any software updates  :-DMM
12oV4dWZCAia7vXBzQzBF9wAt1U3JWZkpk
“Let the future tell the truth, and evaluate each one according to his work and accomplishments. The present is theirs; the future, for which I have really worked, is mine”  - Nikola Tesla
-||-|-
 

Offline miguelvp

  • Super Contributor
  • ***
  • Posts: 5550
  • Country: us
Re: FTDI driver kills fake FTDI FT232??
« Reply #1358 on: October 31, 2014, 08:56:33 am »
From http://www.cyanogenmod.org/
Quote
CyanogenMod is an aftermarket firmware for a number of cell phones based on the open-source Android operating system. It offers features not found in the official Android based firmwares of vendors.

And as for FTDi I should get my wife some flowers ;)
So I will keep on using them, (the florist at least).

I would like if someone will point out what consumer product (not even a vital one) has been affected that is not related to hobbyists.

Hmm, should I plug my USB/RS232 Serial converter cable? It's over a year old and I haven't used it in a while, and never in this Windows 7 system, and it's MADE IN CHINA!  :scared:

Hmm, it's taking a while...


Well, It did install


Lets check the ids...


Prolific as the manufacturer? Never heard of them, well at least it doesn't seem like a FTDI clone as in it looks they have their own drivers


wow I dodged a bullet :phew: I wouldn't have been able to talk to my RS-232 ... Wait what do I have that uses that cable?

Oh my 2 or 3 year old tegra-2 dev kit, that had a terminal console but that has not been powered up for quite a while now (years) Maybe I have some old network equipment that still use that, can't be my VT-52 I junked it long ago.

But you never know when you need an RS-232 Port (wait... actually my PC has a physical one, not common now a days).

kidding aside I rather use the Cypress chips. But not because of what FTDI did, just because I like how easy is to program the Cypress serial chips.

Edit: I'm still looking for a real consumer product affected, not a hobbyist one but a regular consumer one.
« Last Edit: October 31, 2014, 09:13:24 am by miguelvp »
 

Offline iampoor

  • Frequent Contributor
  • **
  • Posts: 500
  • Country: us
Re: FTDI driver kills fake FTDI FT232??
« Reply #1359 on: October 31, 2014, 10:03:51 am »
This thread is like a record that wont stop, the same arguments are brought up every 5 pages.  :box:
 

Offline do.sch.i

  • Newbie
  • Posts: 1
Re: FTDI driver kills fake FTDI FT232??
« Reply #1360 on: October 31, 2014, 10:35:54 am »
like " Groundhog Day" ?

It is already said everything.  But not by everyone.

FTDI made a big mistake. That's all. And they have not apologized.
« Last Edit: October 31, 2014, 10:50:49 am by do.sch.i »
 

Offline Fungus

  • Super Contributor
  • ***
  • Posts: 16562
  • Country: 00
Re: FTDI driver kills fake FTDI FT232??
« Reply #1361 on: October 31, 2014, 11:19:19 am »
Wow, that philosophy wouldn't last two minutes in a proper customer-support organization. How astonishingly clueless about the end-user support world.

A proper product customer support person should be "We will RMA that part right away not sure why that didn't work" (internally panic that fake parts are in their products).

You forgot a step:

3) Tell engineering to start switching away from FTDI chips. Even if fake parts have slipped into the supply lines that doesn't give FTDI the right to break your customer's devices and cost you money.


PS: I managed to get that python script running on my Rasperry Pi (it doesn't work on Windows). It declared my cheapo eBay-bought serial adapters as: "GENUINE or a more accurate clone".

 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7695
  • Country: de
  • A qualified hobbyist ;)
Re: FTDI driver kills fake FTDI FT232??
« Reply #1362 on: October 31, 2014, 11:37:29 am »
Wow, that philosophy wouldn't last two minutes in a proper customer-support organization. How astonishingly clueless about the end-user support world.

Yep, a210210200 should do some first level support in the IT department of a large company or for a vendor. If the software can't read the data from the blood sugar tester anymore, it's simply broken for the end user. If you sold 10000 of the testers for US$200 each and get 100 calls with 'broken by FTDI' testers you got a serious problem. Some of the affected users might be able to fix the issue themselfes by following a how-to-fix-it manual, but most will need an hour or two telephone support, I'd suppose. The next product won't have a FT232.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 7695
  • Country: de
  • A qualified hobbyist ;)
Re: FTDI driver kills fake FTDI FT232??
« Reply #1363 on: October 31, 2014, 11:56:01 am »
And a proper computer tech support organization will start with have you:

1) restarted your computer?,
2) did you search the internal site for guides?
3) did you search for it on google?

The end user calls the support because he has no clue or didn't find anything via a web search. You can ask the questions above but shouldn't insist on 2) and 3), because you're the support. Otherwise your customers would start complaining about poor support. I've done first, second and third level support for business ISPs and carriers. Customers, even engineers (and even network/telco engineers), can be so totally clueless you wouldn't believe it until you've experienced it yourself.
 

Offline Rufus

  • Super Contributor
  • ***
  • Posts: 2095
Re: FTDI driver kills fake FTDI FT232??
« Reply #1364 on: October 31, 2014, 02:43:20 pm »
I am talking about the customers who buy the gadgets/appliances/whatever that have the FTDI chips in them. They have no clue what FTDI is, they just follow the instructions about plugging in the USB cable.

And those people will continue to not need a clue what FTDI is.

The people who buy stuff that doesn't have FTDI chips in them are the ones that may need to find out what FTDI is and that is rather the point.

For me, it's just not worth the risk to buy either a Prolific-based or an FTDI-based serial cable anymore.  I will also not design either of those devices into any of my products.

Because you want to reduce the risk of being found out when you ship product built with fake crap.....

 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1365 on: October 31, 2014, 05:54:37 pm »
Wow, that philosophy wouldn't last two minutes in a proper customer-support organization. How astonishingly clueless about the end-user support world.

A proper product customer support person should be "We will RMA that part right away not sure why that didn't work" (internally panic that fake parts are in their products).

You forgot a step:

3) Tell engineering to start switching away from FTDI chips. Even if fake parts have slipped into the supply lines that doesn't give FTDI the right to break your customer's devices and cost you money.


PS: I managed to get that python script running on my Rasperry Pi (it doesn't work on Windows). It declared my cheapo eBay-bought serial adapters as: "GENUINE or a more accurate clone".

FTDI's driver is their own thing as long as they don't mess up the PID they can refuse to work with a fake non-FTDI part. The PID thing is mean and evil but counterfeits are arguable far worse in their own way.

If you do not do supply chain control your screwed in the medical device area (Like lawsuits will come not from customers but the regulators and government, you'll get your device recalled just for bad QA/QC manuals even if nothing turns up using fake parts) there are best practices and quality control measures that I do at a university lab and I can say with 100% certainty that we have no fakes in our stock of FTDI parts or boards that students have (even if a student swaps in a fake we can detect that).

Engineering can switch away if FTDI leaves a bad taste but saying the supply chain cannot possibly be protected is not a good argument the fakes are observable from the outside casing and there is information online to assist in detecting them (And a mfg of electronics with an FT232R cannot possibly claim they do not know what FTDI is and if they do then something is horribly wrong).
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1366 on: October 31, 2014, 06:10:53 pm »
Wow, that philosophy wouldn't last two minutes in a proper customer-support organization. How astonishingly clueless about the end-user support world.

Yep, a210210200 should do some first level support in the IT department of a large company or for a vendor. If the software can't read the data from the blood sugar tester anymore, it's simply broken for the end user. If you sold 10000 of the testers for US$200 each and get 100 calls with 'broken by FTDI' testers you got a serious problem. Some of the affected users might be able to fix the issue themselfes by following a how-to-fix-it manual, but most will need an hour or two telephone support, I'd suppose. The next product won't have a FT232.

Hey now blood sugar testers can you refer me to a mfg that is affected by that because I worked at a medical device mfg and I can tell you that they do in fact test everything (destructively) it is mandated everywhere. It would indicate a total failure of supply chain control if fake parts got into a medical device. Quality control in medical devices is so high they do mass spec on the rubbing alcohol to make sure its rubbing alcohol and matches previous batches. Matching chips in stock with previous stock and samples direct from the mfg would be standard operating procedure with per shipment send to another lab to inspect that the chips still meet the physical, electrical, visual (internally too) appearance as the standard established in the operating procedures.

If a medical device mfg had even claims of using fakes it isn't a end user problem the regulators are going to come crashing through the doors saying let me see your SOPs right now. If they don't find them acceptable they will not even care if you have fakes or not and they will ask you recall everything that your not 1000% sure of and can provide proof that nothing is fake with 100% traceability right back to the place it was made.

Anything in the medical area has government regulatory standards and it is best to go overboard than to try and meet some minimum because it can be a moving target and being able to say you did the best of the best is a good defense against getting a bad audit result.

Also I highly doubt any medical device mfg would allow a device which can be modified by computer or rely on an external vendor's software which they do not control unless it was for something non-critical that isn't directly involved (say a mfg programming interface or debug system). In any case they would ship with their own VID/PID and customized drivers at minimum to maintain version control over the software.

A proper medical device mfg would not even have that problem at all and if they did they would immediately ask them to return the product for inspection not provide them any methods to fix it themselves or provide any more support than your product must be returned immediately and to not use it anymore. Your serious problem is the wrong way around. They would post to government bodies that there is a problem with the product and that they may require a voluntary recall should it turn up (since they would know about the FTDI fakes already) that they have allowed fake parts into their supply chain and it somehow got past QA/QC.

Out of the abundance of caution they would start analyzing if the fake parts may have caused corrupted data or worse bad results to be reported, immediately after obtaining fakes and creating specially serialized and marked test units and would create an extensive internal report. The panic from a little blip on a mass spec result sparked a similar response and in the end it turned up to be nothing but a report was still written and corrective actions where taken just to make sure even when nothing was wrong in the first place.
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1367 on: October 31, 2014, 06:24:21 pm »
And a proper computer tech support organization will start with have you:

1) restarted your computer?,
2) did you search the internal site for guides?
3) did you search for it on google?

The end user calls the support because he has no clue or didn't find anything via a web search. You can ask the questions above but shouldn't insist on 2) and 3), because you're the support. Otherwise your customers would start complaining about poor support. I've done first, second and third level support for business ISPs and carriers. Customers, even engineers (and even network/telco engineers), can be so totally clueless you wouldn't believe it until you've experienced it yourself.

It seems like you have it mixed up if they are so clueless they will forget to try steps 1-3 and reminding them to do it can solve a lot of problems. Assuming they did a web search or looked at the internal information is a big assumption for "clueless users" which I don't think is a good one to make. Most of the time a person forgot in the moment how to do things they normally do and if they did do an unsuccessful Google search then if you ask them what they found it can actually explain things better to the support person than asking them directly because clueless users can also be bad at explaining what they are even calling for and using their searches as an alternate means of digging up what they are actually asking is useful.

If the user goes oh I'll do that and then later comes back saying I found nothing on 2,3 then obviously you go onto #4 and so on.

I've experienced it first hand with students, engineers, even IT staff, doctors, and various other professionals being what you would call "totally clueless" and yes asking the basics like is it plugged in all the way fixed a very (random hard to diagnose error in a complex robotic system) you have to start simple and then go from there otherwise you'll either waste tons of time or never get much done at all.

I've had Cisco support call me back very quickly (15 seconds after I placed an online question) they where very fast and responsive and totally useless. Instead of even saying look at cisco's website or use google they said oh I'll call back with the answer. Their answer it is a feature not a bug, bye. Turns out it was a limitation and there where ways around it and I was just trying to see what my time limited Cisco support was like.

When did I say you do not go on after 1,2,3 those questions are very good starting questions and in this case would work.
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1368 on: October 31, 2014, 06:40:41 pm »
wow I dodged a bullet :phew: I wouldn't have been able to talk to my RS-232 ... Wait what do I have that uses that cable?

As for FTDI, they:
------------------------------
  • arrogantly refuse to admit that they did anything wrong
  • have hired PR firms [that hire others] to attempt to hijack this thread
  • have not (yet) released any software to fix the damage that they did to innocent end-user's devices
  • have not (yet) released a new driver that has the trojan malware removed
  • offered no apology for the harm they did to otherwise innocent end-users
  • continue to stone-wall cyber-crime investigators
  • may have committed an international cyber-crime
  • have severely damaged their own brand and their reputation
  • have created a scenario where they might be sued in court over multiple issues
I don't know if FTDI is publicly traded, but honestly if I had the money, I would call up a broker and buy some short options on FTDI.  This whole thing cannot be good for their company valuation.  This is yet another reason to not use any more FTDI chips in my designs-- I am also now worried about the longevity of the company.  Also, obviously, someone high up in the company ordered this driver with the trojan malware in it to be created and disseminated.  That means that idiots are running the company, and if so then that is yet another reason to not use their products anymore.

Your misusing the terms a trojan virus is a backdoor type virus (you know trojan horse, hidden attack, historical name) that allows an attack to gain entry to a computer for further activities. A more appropriate term would be that it is an evil DRM system similar to HDCP in some respects.

And somehow I doubt I'm hired by FTDI since I think they are stupid and evil for messing up the PID and are very much like HDCP which is pretty horrid as I've described earlier. I'm work at the University of British Columbia and have no relationship with a PR firm or FTDI in any way other than using their chips as you have and watching the youtube video and coming over here to say my TLDR words, if you mean hijack as in discuss and provide pictorial guides/links to fixes/and correcting factually incorrect information then I'd call that a good corrective action hijack.

Also if your running on the presumption that I'm hired by FTDI it makes no logical sense for them to ask someone to say they very much intentionally put the detection code in and it certainly is a form of DRM.

Software does exist to fix the evil PID change use FT_PROG (windows) or FT_PROG (FOSS, linux), and overriding the driver is not hard at all.

There is no cybercrime investigation going on please link it in if you know of one so they technically can't stone wall something that doesn't exist. (ditto for the international cybercrime)

FTDI probably did damage their reputation for me it seems like their support and marketing dept are basically on the other end of an ideal support marketing group for their area of work. Most of FTDI's stuff is used by people like us and if they just searched on google they would have figured out what might happen to them if they pissed of that kind of customer base. Other sites even reported to FTDI and suggested better changes to their driver but they didn't listen (not listening is a very bad thing to do, and if Microsoft refused to listen they would be dead many times over).




 

Offline miguelvp

  • Super Contributor
  • ***
  • Posts: 5550
  • Country: us
Re: FTDI driver kills fake FTDI FT232??
« Reply #1369 on: October 31, 2014, 06:51:58 pm »
Actually when they say bad publicity is good publicity they might be right, it might actually help them.

They been on the news stating they are going to ensure their drivers won't talk to clones.

It shows a potential client that, the device is good enough to be cloned and that after FTDI clamps down to use only genuine chips the client will feel confident they are using genuine chips.

Lastly, big news like this makes a small company like FTDI appear to be a giant in the industry.

And still not a single case of a consumer grade product affected by this, it's been a week, someone should have encounter one by now.
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1370 on: October 31, 2014, 06:54:07 pm »
For me, it's just not worth the risk to buy either a Prolific-based or an FTDI-based serial cable anymore.  I will also not design either of those devices into any of my products.
Because you want to reduce the risk of being found out when you ship product built with fake crap.....

Hi Rufus,

Well, my company only does the electronics design work for our clients.  I always spec "genuine" parts in my designs in the BOM.  The problem is that when I hand off the documentation to my client, it is my client that obtains bids from various places, and I'm guessing that they go with the lowest bidder.  So, who builds my designs and with what parts is completely out of my control.

The reason that I won't use either Prolific or FTDI devices anymore is that there is always at least the possibility for counterfeit parts to end up on the board-- even though I spec'd genuine in the parts list.  Both of these companies have shown that they can make some very unwise decisions, and have punished the [otherwise innocent] end-user rather than doing the Right Thing and going after the counterfeiters through legal action.  If the product has problems, that can come back to me as something I did wrong [whether deserved or not, I will get the blame].  This will [indirectly] affect my business.  So, that reason alone is enough for me to run away from Prolific and FTDI chips.  It's too bad really-- I have never had any problems with the FTDI chips and like them very much [technically], but for business reasons FTDI has forced my hand in this matter, and I will no longer be able to use their parts-- no matter how much I like them.

Regards,
Ken

If you do contract design and your customer does the mfg/asmbly and your worried about them not having enough QA/QC to do it then provide them with a guide on detecting fakes and make them sign a contract saying your not liable for use of fake parts in a design that specifies real ones and that information on how to determine the real parts from the fakes is included. And if your going the extra mile provide them with a physical sample of a real part and a fake one glued to board along with a description detailing how to visually see if something is fake at a glance. (A company is responsible for their own supply chain and BoMs usually provide main/secondary/third sources and if you list FTDI/Digikey/Newark (canada perspective) as the official distributors they should use if they use ebay or ali-express then you can go you didn't follow the BoM and those suppliers provide assurances and would definitely respond to accusations that they supplied fakes. My BoMs include pricing analysis from major suppliers including their price breaks and stock levels at the time the BoM was made to provide an indication of pricing and general stock levels amongst major distributors. When I feel like China would be a better source for certain parts that are just too expensive locally I actually do samples myself and verify the supplier and then directly list it, and the samples provided become part of the record for later comparison.

Another useful training tool is to have a challenge board on the flip side that has no indication of fake or real and the person has to pick out the fake which shows they know how to do it.

If they fail to listen or end up with fakes somehow then they will be like we should have listened, instead of being angry for no good reason at you.

If you want to go 150% for good support ask them to send you a pre-production sample so you can non-officially test it out. I'd always want to get a physical sample of something I designed or at least make sure it works if I hand it off to someone else which includes making sure they know how to detect fakes/counterfeits/substandard parts, if your transferring your knowledge/designs imparting some best practices with it doesn't hurt.

 

Online nctnicoTopic starter

  • Super Contributor
  • ***
  • Posts: 26756
  • Country: nl
    • NCT Developments
Re: FTDI driver kills fake FTDI FT232??
« Reply #1371 on: October 31, 2014, 07:06:04 pm »
Actually when they say bad publicity is good publicity they might be right, it might actually help them.

They been on the news stating they are going to ensure their drivers won't talk to clones.

It shows a potential client that, the device is good enough to be cloned and that after FTDI clamps down to use only genuine chips the client will feel confident they are using genuine chips.

And still not a single case of a consumer grade product affected by this, it's been a week, someone should have encounter one by now.
Probably because consumer goods use their own PID/VID which somehow are not affected. Somehow FTDI managed to shoot both their feet off by hitting the people they need to put their chips into actual designs the hardest :palm:
Then again if it is a consumer/consumeable device people just trash it and buy new. If one of my USB-to-serial cables stops working I'm not going to disect it; I just get a new one.
There are small lies, big lies and then there is what is on the screen of your oscilloscope.
 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1372 on: October 31, 2014, 07:23:49 pm »
Actually when they say bad publicity is good publicity they might be right, it might actually help them.

They been on the news stating they are going to ensure their drivers won't talk to clones.

It shows a potential client that, the device is good enough to be cloned and that after FTDI clamps down to use only genuine chips the client will feel confident they are using genuine chips.

Lastly, big news like this makes a small company like FTDI appear to be a giant in the industry.

And still not a single case of a consumer grade product affected by this, it's been a week, someone should have encounter one by now.

Could be true but isn't FTDI already one of the big players in the FT232 market. My predecessor was already a bit leery for me to use a more compact FTDI chip on an old design 2 years ago. (Turns out he was right the chips were recalled the moment I was pressing buy on digikey so the stock went from 1000's to 0 in between me pressing order).

I'd like to see a consumer product as well or even a popular blood glucose meter that even uses FTDI's default drivers it isn't user friendly to see no descriptive name that associates it with your brand. Having a custom driver and PID/VID allow you to make it branded and user friendly as well as provide control over driver updates and certifying things.

Also VID, 1a79  Bayer Health Care LLC is using FTDI chips. (I have one because I'm paranoid)(But it requires its own customized FTDI driver)(The lastest driver they have certified , they do certify software internally, is an modified FTDI driver from 2008)

As I said before a proper medical company would want as much control over everything as possible by using their own custom VID/PID and they wouldn't have been affected even with fake parts. Even then the chances of a fake chip getting into a medical device even a consumer one a next to nothing. (unless they are being malicious like those using industrial silicone for implant companies but that was a shady medical company that was based in Europe I think and was doing very shady things until it quite literally started blowing up as in the implants failed horribly)(I'm sure even though they get extensive travelers (traceability docs) which their part batches they still do independent verification on new lots under the paranoid assumption that there may be an error or the traveller has been faked itself to hid fake parts)

No proper company should say we are not sure if we have fakes and if they are then they are not doing enough QC because there is a reason for it to exist and that is to root out out of spec parts, damaged stock, counterfeits, theft, and so on.

 

Offline a210210200

  • Regular Contributor
  • *
  • Posts: 220
Re: FTDI driver kills fake FTDI FT232??
« Reply #1373 on: October 31, 2014, 07:29:56 pm »
Actually when they say bad publicity is good publicity they might be right, it might actually help them.

They been on the news stating they are going to ensure their drivers won't talk to clones.

It shows a potential client that, the device is good enough to be cloned and that after FTDI clamps down to use only genuine chips the client will feel confident they are using genuine chips.

And still not a single case of a consumer grade product affected by this, it's been a week, someone should have encounter one by now.
Probably because consumer goods use their own PID/VID which somehow are not affected. Somehow FTDI managed to shoot both their feet off by hitting the people they need to put their chips into actual designs the hardest :palm:
Then again if it is a consumer/consumeable device people just trash it and buy new. If one of my USB-to-serial cables stops working I'm not going to disect it; I just get a new one.

Actually I'm pretty sure one if Bayer is using it then lots of medical device mfgs are using it too and they probably have very tight control on the supply chain. With a custom VID/PID the device will only work with the provided customized drivers so these won't update unless the mfg itself updates them. So if that is the case then even if the hobbyists market evaporates medical devices move so slow it will be decades and probably never when they even being to consider other options. (Medical devices move so slow, so much RnD on the simple things, so much double/triple/quad checking, its great but it is slow)

If my USB to serial cable stopped working I wouldn't throw it out because at home I always lose them and even though I probably have 15-20 USB to RS-232 adapters and cables I can always only find one or two when I need them. Not to mention if I get a driver not found message which is exactly what happens when FTDI messes around with your PID I'd be "like what the hell windows eat the driver" and then force it down its mouth. Shipping is more than the cost of the cable I'd just override the driver.
 

Offline Macbeth

  • Super Contributor
  • ***
  • Posts: 2571
  • Country: gb
Re: FTDI driver kills fake FTDI FT232??
« Reply #1374 on: October 31, 2014, 08:07:54 pm »
Just purchased a USB to RS232 DB9M cable from ebay for £1.11. I have no idea if it is using FTDI, Prolific, or other chips. It was less hassle than me rooting through all my old parts bins to find one of my old Prolific cables. I don't think I've ever had an FTDI, I guess I may find out in the next few weeks when Shenzen to UK post arrives.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf