FTDI driver kills fake FTDI FT232??

[0xdeadbeef]

After all the usual suspect proved they were surprisingly genuine, I finally found a clone where I didn't suspect it: in my Gamebuino.

I guess we can agree that the guy behind this project was not aware they would use fake FTDI chips when he ordered a thousand or so populated boards...
Not surprisingly the reaction is to avoid FTDI in the next revision.

[nathancrum]

You might get burned by fakes of unknown quality and origin regardless of which manufacturer they are faking.

That's a fair point.  But the chances of an unintended FTDI fake substitution are probably higher than others.  Until now - that didn't carry unnecessary additional risk that it might work fine (pass all testing) and get passed onto the customers where it could be e-firebombed without warning.

You are saying that you will choose a part which is more likely to let you get away with shipping low quality shit.

No.  I'm saying I'll choose a part that's both less likely to be imitated and less likely to be destroyed without warning if it is imitated.  There are many quality manufacturers making good alternatives.  FTDI was just a convenient choice before now.

In the future I will be taking the use of FTDI parts as an indication of a supplier who cares about the quality of their products and has confidence in their supply chain.

We have an extremely well qualified supply chain, but,
A. As a designer, I have no control over it and
B. To use a part with blind optimism that your supply chain can't possibly screw up is equivalent to playing Russian roulette.  I'd prefer to use the products from a company who is proactive about increasing reliability through thoughtful design and part selection.  You're saying I should add risk to an extremely critical system just to demonstrate my confidence in 3 or 4 layers of supply chain removed from our company?  No thanks.

[a210210200]

Ftdi's driver carries their trademark and crypto signature/trust so to be completely legal you have to have an unbranded/unsigned driver as well. The reprogrammable pidvid is for that purpose.

[AG6QR]

From the perspective of a designer, FTDI has just introduced considerable risk in using their product.  That's all that matters to a designer.  "I might get burned if I use this part - even if I specify genuine parts."  Well - there are several alternatives without that risk - so that's what I'm going to use from now on.  I just pulled an FTDI chip from a new design today in fact - I'm sure I'm not the only one.

Nathan Crum, that's exactly a 1000% right. You are not alone, I am currently in the process of replacing a FT230X with a CY7C65211 from Cypress.
The evaluation kit should come tomorrow.

I got the first call today from a customer having a problem with his meter connecting to USB.
He was asking, almost accusing if me, we could have used one of the counterfeit FTDI's.
I am 99.999% sure that's not the case since production only buys from FTDI listed suppliers.
Now some of our end customers start worrying if they might have gotten a counterfeit chip in their meters and whenever USB is not working those who got the news start asking/ thinking.

In the end FTDI is now damaging our reputation, I am even afraid that some customers might stay off our products BECAUSE we use FTDI.
This situation is inacceptable.

Until that call today I thought "We are fine... all genuine". I didn't even think that that could even bite me in that way.
You can understand that I am pretty pissed. FTDI DICKHEADS

Yes, FTDI trashed their good reputation. 

I'm a ham radio operator.  Lots of different ham radio models use a serial interface for programming frequencies and tones into the radio's memories.  They usually use a cable with a USB to serial converter in it to connect the radio to the computer.  The "radio side" of the cable varies from one radio model to the next, so hams with multiple radios tend to collect lots of cables.  Cables are available from various sources, some of which may be a bit shady.  I've heard many hams talking on the air about issues getting their radios, cables, computers, and software to work properly together.  Many times on the air I've heard something like, "make sure to buy a cable with an FTDI chip, not a Prolific chip, because Prolific has a bunch of problems with clones that don't work, while FTDI chips just always work reliably".

Something tells me I won't be hearing that advice so much in the future.  FTDI might now be deterring counterfeiters, but they're also losing their own reputation among end users.

Reputation is a tricky thing.  The detailed facts aren't nearly as important as people's perception of the facts in the big picture.

[XFDDesign]

We have an extremely well qualified supply chain, but,
A. As a designer, I have no control over it and
B. To use a part with blind optimism that your supply chain can't possibly screw up is equivalent to playing Russian roulette.  I'd prefer to use the products from a company who is proactive about increasing reliability through thoughtful design and part selection.  You're saying I should add risk to an extremely critical system just to demonstrate my confidence in 3 or 4 layers of supply chain removed from our company?  No thanks.

It's interesting to note, that you're touching upon the same basic idea as calibration: a level of certainty. I doubt this other person has any product that shipped more than 100 lifetime-units, so the notion is simply not there. The only way to have the highest certainty of working parts is to buy direct from the supplier (note, not guaranteed certainty, just the highest. ), but as Dave pointed out, FTDI has been fickle with direct-sales support. Once part supply is handed off to a distributor, a whole new level of uncertainty is present. The guarantee of an absolute isn't there. With these distys (i.e. Arrow or Avnet), there is at least tractability to the source of the parts. If one buys from One-Hung-Far-Low Deep discount parts on eBay, well there is no certainty at all.

What you're essentially expressing above, is the same as my view: controlling device selection for a minimum level of confidence in the final product. The other guy, seems to argue that there is no reason to doubt his test gear to be in calibration, as it's all made by highly reputable manufacturers.

[madires]

This story is just beginning, and it will be interesting to see if FTDI will be able to survive the thousands of legal battles that are sure to come...

I don't think that there are going to be many law suits since most victims only got a few device with FTDI clones. It wouldn't make much sense to take FTDI into court for a few bucks. Too much hassle. But I'd suppose something else will hurt FTDI. Their customers are looking for alternatives. The ICs are already quite expensive and now that driver debacle which causes trouble for FTDI's customers. There are more reasons to replace FTDI chips with something else than to keep buying them.

[a210210200]

Technically using a driver that says FTDI with a non physically FTDI chip is stealing since your both using their software and hardware IP directly but illegitimately.

Modifying the PID is not breaking anything the device still works properly and if you wrote your own driver it would communicate with that. And if you get WHQL certification your driver can be plug-in play as well. Kills is a poor way to say it in reality it is just the drivers that are saying get your own driver.

If they killed the chips electrically which is possible via the config then that would be considered breaking it.

Are you a FTDI employee/engineer by any chance?

How can that first example be stealing by the way, when it's not physically taking or copying anything.
I've posted this before in the thread, the way their EULA is like so:

The licence only allows use of the Software with, and the Software will only work with Genuine FTDI Components (as defined in the Licence Terms). Use of the Software as a driver for a component that is not a Genuine FTDI Component MAY IRRETRIEVABLY DAMAGE THAT COMPONENT.

It is your responsibility to make sure that all chips you use the Software as a driver for are Genuine FTDI Components. If in doubt then contact FTDI.

That sounds like the driver is intended to be used with FTDI, and it's not tested beyond that. The damage sounds more like a disclaimer than anything else. It's my own responsibility to check on this, otherwise I may get trouble.

Doesn't that mean that is a FTDI-compatible (not saying FTDI-marked; because obviously that's a trademark deal) device is connected, it may work but is not intentional.

The download page says:

"FTDI drivers may be used only in conjunction with products based on FTDI parts."

I personally think "may be used" is not a very strict term, but I could be wrong as English is not my mother tongue.

No I'm not an ftdi employee I'm an employee at the University of British Columbia, Canada and use ftdi chips in teaching labs. I did get free chips from them as we give out free boards students build/program themselves for project work along with a small digikey budget. One of the steps if reprogramming the config to work with our proprietary hardware and software.

Students bad flashing chips has lead to people trying to over clock an msp430 which ends horribly which is a destructive config type example as is the source a clock that doesn't exist for the ftdi chip.

Ftdi chips and drivers carry their trademark and crypto signature and abusing that by marking it physically and software as an ftdi part is illegal in most countries.

Also you still not accepting that to kill a chip you have to literally disable it which is certainly possible via the clock config as one example.

Also the fact your paranoid that I'm an ftdi employee is telling.

[XFDDesign]

Also you still not accepting that to kill a chip you have to literally disable it which is certainly possible via the clock config as one example.

Also the fact your paranoid that I'm an ftdi employee is telling.

*You're.

A mechanic has no issue rebuilding an engine when it spins a bearing. The average person has little capacity to do this job. Therefore as one small group of people can fix a problem that those outside the group cannot, it's not killed as the latter perceive?

[a210210200]

Also you still not accepting that to kill a chip you have to literally disable it which is certainly possible via the clock config as one example.

Also the fact your paranoid that I'm an ftdi employee is telling.

*You're.

A mechanic has no issue rebuilding an engine when it spins a bearing. The average person has little capacity to do this job. Therefore as one small group of people can fix a problem that those outside the group cannot, it's not killed as the latter perceive?

No fixing is simple software magic people already wrote automatic tools to bypass, correct, and prevent detection in this very thread. It could not be done at all with software if you actually wrote a malicious config that can only be fixed by physically replacing the chip or modding a fix.

It is like saying Mercedes and bmw 's proprietary automatic diagnostics systems are liable for overwriting a custom ecu and any damage or lost value that results.

Pid0 is valid as the driver is saying as it can that you should write your own driver. I have our own custom drivers and automatic programmoing tools and it's the mfg fault for not tracing properly in any case and since I'm paranoid I can/do id fakes and report them. In the airplane part counterfit industry it has gotten to the point where people are counterfeiting the counterfit preventing documents.

[Rufus]

What you're essentially expressing above, is the same as my view: controlling device selection for a minimum level of confidence in the final product. The other guy, seems to argue that there is no reason to doubt his test gear to be in calibration, as it's all made by highly reputable manufacturers.

If I am supposed to be the other guy I am not arguing that at all. Say X and Y make voltmeters and fakes of both are being manufactured in China. You have reason to doubt both of them because they might be fakes of unknown quality, specification and origin. Now company X says we can identify these fakes and instruct calibration labs to refuse calibration of them effectively turning them into bricks. The 'other' guy is arguing that he should buy Y in the future because if he did buy something that ought to be a brick he would prefer not to know about it.

I argue that preferring not to know something is a fake of unknown quality and origin is not an acceptable stance for a supplier of quality equipment and because X can and will brick fakes you are more likely to end up with a fake Y than a fake X.

[sunnyhighway]

Ftdi's driver carries their trademark and crypto signature/trust so to be completely legal you have to have an unbranded/unsigned driver as well. The reprogrammable pidvid is for that purpose.

There is no need for an unsigned binary in the genuine FTDI drivers.
When using genuine FTDI chips in your design you can also include the FTDI drivers in your own product package as per license agreement.
If you choose to create your own drivers because you changed the PID and VID on the genuine FTDI chips you are free to create your own drivers and sign them as well.
Nothing illegal there either.

This raises the question why FTDI did not sign the binary "ftcserco.dll" in their latest driver.
I really would like FTDI to answer this question.

[eneuro]

So, in searching for a replacement for FTDI, I found this:

http://www.silabs.com/products/interface/Pages/cp2104-mini.aspx
....
I haven't tested this with my Linux Workstation [Ubuntu 14.04 LTS], but I *think* it should "just work" with no problems. 

Thx for this link-just was looking for something like this 

I looks like it fits my needs, while in one project I need to make USB interface from PC to MPU on small PCB:

"The CP2104 is a USB 2.0 full-speed device with integrated USB clock, voltage regulator and programmable memory reducing BOM costs and simplifying the design"

It''s 4 GPIO's might be usefull too, eg. for software I2C interface I'd like to have also implemented via USB 

"The CP2104 supports four user-configurable GPIO pins for status and control information. Each of these GPIO
pins are usable as inputs, open-drain outputs, or push-pull outputs. Three of these GPIO pins also have alternate
functions which are listed in Table 11."

Just recompiled and installed under Linux 2.6.x latest CP210x USB to UART Bridge VCP Drivers
http://www.silabs.com/Support%20Documents/Software/Linux_2.6.x_VCP_Driver_Source.zip
Window$ drivers there: http://www.silabs.com/Support%20Documents/Software/CP210x_VCP_Windows.zip

Code: [Select]

Linux_2.6.x_VCP_Driver_Source]$ make
make -C /lib/modules/2.6.39.1-eneuro_server/build M=/tmp/Linux_2.6.x_VCP_Driver_Source modules
make[1]: Entering directory `/nomoreftdi/kernel/src/linux-2.6.39.1-eneuro_server'
  CC [M]  /tmp/Linux_2.6.x_VCP_Driver_Source/cp210x.o
/tmp/Linux_2.6.x_VCP_Driver_Source/cp210x.c:181: warning: initialization from incompatible pointer type
/tmp/Linux_2.6.x_VCP_Driver_Source/cp210x.c:184: warning: initialization from incompatible pointer type
/tmp/Linux_2.6.x_VCP_Driver_Source/cp210x.c:185: warning: initialization from incompatible pointer type
  Building modules, stage 2.
  MODPOST 1 modules
  CC      /tmp/Linux_2.6.x_VCP_Driver_Source/cp210x.mod.o
  LD [M]  /tmp/Linux_2.6.x_VCP_Driver_Source/cp210x.ko

There is also GPIO example cp210x_gpio_example.c which shows  how to use the two IOCTLs to toggle CP2104 GPIOs.

They included also some kind of CP2104 Mini design, so it looks like it is time to design own PCB based on this schematic
CP2104-MINIEB-Schematic.pdf
There are a lot of interface application notes there: http://www.silabs.com/products/Interface/Pages/interface-application-notes.aspx
Very interesting and up to date is this: Integrating the CP210x Virtual COM Port Driver into the Android Platform - connecting Android to our PCB - awersome   

Lets  and see how it works in practice.
So, lets DIY nice USB -> PCB interface and...

I hope, I can forget about FTDI 
FTDI?, no thanks !

[a210210200]

Ftdi's driver carries their trademark and crypto signature/trust so to be completely legal you have to have an unbranded/unsigned driver as well. The reprogrammable pidvid is for that purpose.

There is no need for an unsigned binary in the genuine FTDI drivers.
When using genuine FTDI chips in your design you can also include the FTDI drivers in your own product package as per license agreement.
If you choose to create your own drivers because you changed the PID and VID on the genuine FTDI chips you are free to create your own drivers and sign them as well.
Nothing illegal there either.

This raises the question why FTDI did not sign the binary "ftcserco.dll" in their latest driver.
I really would like FTDI to answer this question.

I don't think windows likes unsigned drivers so it would be uprising if that was actually pushed out without a cryptographic signature. Simple facts are that FTDI/Silicon Labs drivers are "free" to use with their hardware and not fakes. Anything relying on these drivers and has a fake chip is going to be useless anyways.

The simple solution is to either go the gray legal route of bypass everything and be on your merry way or use you own drivers and just say they are FTDI pin-compatible chips.

Not signing a driver would be very unusual if it was typically signed. In controlled setups automatic updates are always off and we always use the exact image that was the original. You can use group policy to control this and on my dev machine obtaining online drivers is actually disabled because it slows down the driver install time by quite a bit when you already have the driver on ssd.

[nixfu]

So, I guess it would be ok if one of these 'clone' makers who have devices that are protocol compatible with the FTDI chip, slapped a new product code and name on their product to make it 'legit', and created a driver that borked offical FTDI chips.....that would be ok too?

[Chipguy]

Hi !

That's what I put together within the last days.
Possible FTDI replacements in alphabetical order:

Atmel ATMEGA8U2 16U2 with Arduino USBSerial Firmware (see Arduino UNO R3)
ASIX MCS7810 http://www.asix.com.tw
Cypress CY7C65211 with battery charger detection http://www.cypress.com/?mpn=CY7C65211-24LTXI
Prolific PL2303HX (Pin compatible to FT232R) http://www.prolific.com.tw/us/ShowProduct.aspx?p_id=156&pcid=41
Microchip MCP2200 www.microchip.com/MCP2200
Silicon Labs CP210x http://www.silabs.com/products/interface/usbtouart/Pages/usb-to-uart-bridge.aspx
Texas Instruments TUSB3410 http://www.ti.com/product/TUSB3410?keyMatch=tusb3410&tisearch=Search-EN
WCH-IC Chinese CH340 http://wch-ic.com/product/usb/ch340.asp

[amyk]

Hi !

That's what I put together within the last days.
Possible FTDI replacements in alphabetical order:

Atmel ATMEGA8U2 16U2 with Arduino USBSerial Firmware (see Arduino UNO R3)
ASIX MCS7810 http://www.asix.com.tw
Cypress CY7C65211 with battery charger detection http://www.cypress.com/?mpn=CY7C65211-24LTXI
Prolific PL2303HX (Pin compatible to FT232R) http://www.prolific.com.tw/us/ShowProduct.aspx?p_id=156&pcid=41
Microchip MCP2200 www.microchip.com/MCP2200
Silicon Labs CP210x http://www.silabs.com/products/interface/usbtouart/Pages/usb-to-uart-bridge.aspx
Texas Instruments TUSB3410 http://www.ti.com/product/TUSB3410?keyMatch=tusb3410&tisearch=Search-EN
WCH-IC Chinese CH340 http://wch-ic.com/product/usb/ch340.asp

Cypress CY7C65213 would probably be better than the '211 - even boasts FT232R pin-compatibility and lower power consumption: http://www.cypress.com/?rID=83118

[Chipguy]

Cypress CY7C65213 would probably be better than the '211 - even boasts FT232R pin-compatibility and lower power consumption: http://www.cypress.com/?rID=83118

Interesting, I will get one of them tomorrow. I noticed "QFN32" but didn't check if they are pin compatible.
However, their features are very different. The Cypress got Battery Charger Detection but no RS485 control.

Anyway, this definetly fits the list perfectly.

[a210210200]

Making debugging tricking is actually part of the cat/mouse game. Making your special fake chip detection result in a constant stream of "Your chip is fake!" will literally make finding the code that does the detection trivial in reverse engineering the driver binaries as simple as looking for a constant of that very string.

But if the driver sticks in random bad data for detecting a fake chip and uses clever obfuscation techniques it can require extensive reverse engineering to find it if ever. (This along with any in text stream isn't very nice and is potentially dangerous)

Nope.

They don't need to disassemble FTDI's Windows driver code.

All the cloners care about is the data that appears on their end of the USB bus. You can get big USB debugging tools for that. If FTDI changes anything they'll just compare it with the data sent by last month's (working) driver to see what changed and update their FTDI emulation software accordingly.

People already disassembled the driver code I did it just now to look. There is no need to debug anything physical. Its faster and once you lock in on the relevant code much more trivial to fix and robust than a replay attack.

[XFDDesign]

No fixing is simple software magic people already wrote automatic tools to bypass, correct, and prevent detection in this very thread. It could not be done at all with software if you actually wrote a malicious config that can only be fixed by physically replacing the chip or modding a fix.

It is like saying Mercedes and bmw 's proprietary automatic diagnostics systems are liable for overwriting a custom ecu and any damage or lost value that results.

Pid0 is valid as the driver is saying as it can that you should write your own driver. I have our own custom drivers and automatic programmoing tools and it's the mfg fault for not tracing properly in any case and since I'm paranoid I can/do id fakes and report them. In the airplane part counterfit industry it has gotten to the point where people are counterfeiting the counterfit preventing documents.

Then following that argument, since fixing a spun bearing is simply pulling the crank off and replacing the $2 bearings is straight forward (as there are many guides on the internet) anyone can do it and therefore there is never such thing as a dead engine to the standard consumer. The rest of your post is irrelevant against this particular discussion point.

[sweesiong78]

Then following that argument, since fixing a spun bearing is simply pulling the crank off and replacing the $2 bearings is straight forward (as there are many guides on the internet) anyone can do it and therefore there is never such thing as a dead engine to the standard consumer. The rest of your post is irrelevant against this particular discussion point.

lol...Im loving the car repair analogies....I love wrenching actually

[a210210200]

FTDI would be classified as "bricking" the counterfeit chips if they went and messed around with the clock configs to either overclock/source a non-existent clock or just corrupt the entire NV memory. Changing the PID to 0 is not damaging anything. The device won't ever work with the stock FTDI drivers and requires a 3rd party driver to work.

Word games won't save you in court.

If a machine was working yesterday and stopped working today because of something FTDI knowingly planned/did then they broke some laws.

If enough people complain (and I suggest you do!) then it could even become a class-action lawsuit that destroys their company. I wouldn't shed any tears, the world doesn't need companies that think/act like FTDI.

Not actually since now that you know you have a fake product your technically supposed to destroy and report it anyways (I'd try to de-lid the fake chips since we have semi-conductor cleanroom with wetbenches and the chemicals to do it). The customs officials can then go and find the shipments and inspect/seize/destroy them in route.  (In Canada the CBSA do inspect packages randomly at the UPS depot as I've seen regularly)

Distribution and resale is illegal in most countries, even transporting/carrying large/commercial amounts of a counterfeit is illegal and subject to forfeiture and destruction.

The only thing a class action lawsuit is going to do is pay lawyers a ton of money. The gray legal route of bypassing the software protections is the likely route and has already worked and it will just take a bit of time for the counterfeiters to adopt the changes.

[a210210200]

No fixing is simple software magic people already wrote automatic tools to bypass, correct, and prevent detection in this very thread. It could not be done at all with software if you actually wrote a malicious config that can only be fixed by physically replacing the chip or modding a fix.

It is like saying Mercedes and bmw 's proprietary automatic diagnostics systems are liable for overwriting a custom ecu and any damage or lost value that results.

Pid0 is valid as the driver is saying as it can that you should write your own driver. I have our own custom drivers and automatic programmoing tools and it's the mfg fault for not tracing properly in any case and since I'm paranoid I can/do id fakes and report them. In the airplane part counterfit industry it has gotten to the point where people are counterfeiting the counterfit preventing documents.

Then following that argument, since fixing a spun bearing is simply pulling the crank off and replacing the $2 bearings is straight forward (as there are many guides on the internet) anyone can do it and therefore there is never such thing as a dead engine to the standard consumer. The rest of your post is irrelevant against this particular discussion point.

No unlike a car the software requires no physical change and the product physically still works (electrical, software, mechanical) all fine. The PID is just set to 0 and can be changed to work with any driver or if you use tools people already made work with the FTDI official driver.

Its like saying to fix a bearing on your car you just goto a website and press fix car. (Its like saying to download some RAM)

[XFDDesign]

What you're essentially expressing above, is the same as my view: controlling device selection for a minimum level of confidence in the final product. The other guy, seems to argue that there is no reason to doubt his test gear to be in calibration, as it's all made by highly reputable manufacturers.

If I am supposed to be the other guy I am not arguing that at all. Say X and Y make voltmeters and fakes of both are being manufactured in China. You have reason to doubt both of them because they might be fakes of unknown quality, specification and origin. Now company X says we can identify these fakes and instruct calibration labs to refuse calibration of them effectively turning them into bricks. The 'other' guy is arguing that he should buy Y in the future because if he did buy something that ought to be a brick he would prefer not to know about it.

I argue that preferring not to know something is a fake of unknown quality and origin is not an acceptable stance for a supplier of quality equipment and because X can and will brick fakes you are more likely to end up with a fake Y than a fake X.

In no part of this claim does it fit with the earlier premises of your post.
If you buy a Tektronix scope, direct from the factory, do you not bother to have it calibrated as you know it comes from the factory, and by the standard of their known quality that is sufficient?
If you bought that same scope from an authorized distributor, do you still opt to not get calibrations since the product is still genuine Tektronix and their history of quality is sufficient?
Would you buy that same model scope from OneHungLowElectronics on eBay, and only then get a calibration to figure out if it's within spec?

[XFDDesign]

No unlike a car the software requires no physical change and the product physically still works (electrical, software, mechanical) all fine. The PID is just set to 0 and can be changed to work with any driver or if you use tools people already made work with the FTDI official driver.

Its like saying to fix a bearing on your car you just goto a website and press fix car. (Its like saying to download some RAM)

To the end user, how is the end result differentiated (inoperable engine vs. inoperable device)?

[a210210200]

No you don't understand photocopiers will literally brick themselves (only certain models that are a "threat") and if any official tech ever sees the error code (the machine locks out as well and requires service to be unlocked) the legal hammer would come shortly. (Counterfeiting is illegal, no contract is required)

In the unlikely event that any of that is true, please name the manufacturers and jurisdictions in question, so that I may avoid them.

The fact that a copier thinks it has seen a Eurion constellation is nowhere near grounds to brick itself, let alone prosecute anybody.

Adobe (photoshop, ...) have it, Xerox, HP, Brother, Canon, Dell, Epson, IBM, Konica Minolta, ... only certain software/hardware have the anti-counterfeiting systems with high end color ones being very likely to have it. Production level ultra-high end gear is very likely to have lockouts as with the right stock you could probably print money that looks very real. Printer stenography is pretty standard and I use it to verify documents regularly as well. (its funny when you see people not setting the clock correctly, you can trace it right down to the printer that printed it)

Or as wikipedia says "In the late twentieth century advances in computer and photocopy technology made it possible for people without sophisticated training to copy currency easily. In response, national engraving bureaus began to include new more sophisticated anti-counterfeiting systems such as holograms, multi-colored bills, embedded devices such as strips, microprinting, watermarks and inks whose colors changed depending on the angle of the light, and the use of design features such as the "EURion constellation" which disables modern photocopiers. Software programs such as Adobe Photoshop have been modified by their manufacturers to obstruct manipulation of scanned images of banknotes.[18] There also exist patches to counteract these measures."

The dot stenography coding is also an additional "feature" on many color printers, some brands are inconsistent while others have it on every color printer. A few don't bother with it but I don't remember which models they are. (If you print black and white it doesn't print the dot patterns)