FTDI driver kills fake FTDI FT232??

[nctnico]

The devices were on life support provided by the illegal use of FTDI drivers, FTDI figured out how to and turned off the switch. I believe it was within their rights to do so. No one is stopping you resurrecting the corpses by writing some other drivers or using the legal ones on Linux.

The use wasn't illegal. Most people had the drivers installed automatically without being shown the EULA

I am not a lawyer. I find it hard to see how an EULA makes any difference. The drivers (like all software) are copyright. The copyright holder FTDI allow the use of their drivers under certain conditions. No agreement is required it is just a fact and using their drivers outside of those conditions is an illegal violation of their copyright. Not agreeing that you are aware of those conditions would at best only support a defence of ignorance for that violation.

I'd like to see how copyright can disallow use of software for other than intended purposes. After all copyright only deals with rights to distribute 'a work' not how 'the work' is used.

[a210210200]

And DMCA  Since when is DMCA applicable to a company in Scotland (UK) and laws broken e.g. in France, Germany or Netherlands?

Maybe you should look up the EU InfoSoc directive which also protects "Technological Protection Measures" and in some ways is more restrictive than the DMCA.

That is still not relevant, Rufus, sorry.

The directive text is here:
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32001L0029:EN:HTML

a) The directive talks about "circumvention of effective technological measures" (btw, DMCA has the same requirement). That alone makes your theory wrong - VID/PID are not designed to act as a technological measure to prevent access to anything (let alone an effective one!), they are simply identifiers facilitating finding of a correct driver by the host. So your argument is falling apart right there.

b) The directive has provisions for interoperability

c) There is also section 48, so even if we accept that the borking of end-user's device is a "technological measure" in the sense of the directive, then:

Such legal protection should be provided in respect of technological measures that effectively restrict acts not authorised by the rightholders of any copyright, rights related to copyright or the sui generis right in databases without, however, preventing the normal operation of electronic equipment and its technological development. ...

d) The redress in case of a copyright violation has to be sought according to law - the directive leaves that to the individual countries to implement. E.g. in France that means sending cease&desists first, then a court action. There is *zero* provision for vigilantism and breaking of supposedly illegal stuff, no matter what the right owners may wish for. You call that "due process" in the US, I believe.

Rufus,  you have no clue what you are talking about and only grasping at straws. Better read (and understand) the stuff you are trying to use to support your arguments first next time.
Sorry man, no cigar. 

Arguably you could say HDCP isn't legal either since the master key is leaked and it is no longer an "effective technical measure" it isn't really as anyone can make new HDCP keys themselves. But HDCP still is allowed to disable user equipment and is not banned in the EU and I don't think is facing any current legal challenges. Also with HDCP 2.2 it is just going to get even "better...", now it will be not backwards compatible, have distance latency checks, and all sorts of fun stuff.

The electronic equipment still operates normally (FT_PROG can still access it and the official documents for invalid PID use still apply and is normal operation for the device as dictated by FTDI's documentation) development is not inhibited it is just you can no longer use FTDI's official driver which is their property.

[a210210200]

I'd like to see how copyright can disallow use of software for other than intended purposes. After all copyright only deals with rights to distribute 'a work' not how 'the work' is used.

Uh, I think Steam, Microsoft, FTDI, every media company in existance, ... use copyright and trademarks to control the use of their software/media for non-intended purposes.

Certain protections exist for commentary, education, ... but there are a ton of ways companies can restrict your ability to use a "work". (DRM comes as an easy example, time limited demos, always online checks, and all manner of bad but not illegal control of use measures)

Edit: Most actually forbid you from distributing it at all and then go on to say how you can't do this and that and use in this and that is forbidden. Some will even go into detail about what happens if they think your bad and how the use of the product may be restricted, revoked, altered automatically. Most software you strictly speaking only "licensed" to use and the use is contingent on a bunch of terms or just their goodwill.

[markb82]

If you can agree that FTDI owns the driver IP, and you own the clone.  Then FTDI can modify the driver to not function with the clone.  They are not allowed to modify the clone to not work with the driver.  Pretty simple no?

FTDI like HDCP does not own the device yet it modifies them and it is allowed to do so. FTDI driver is just revoking the number. Its a joke to put it back (unlike HDCP revoking) but both modify a user's device automatically.

It isn't a nice thing to do but it isn't illegal. The mfg of the fake chips is doing very illegal stuff however.

A legal clone would use its own VCP driver and have no brand relation at all to FTDI other than it functions the same with completely cloned everything that another company put work into making.

You're assuming they have legal ownership over the VID and PID, which I don't believe they do, for a number of reasons stated previously in this very long thread.  Also can we remove all the HDCP discussion, its meant to prevent direct copies of video content, not to prevent you from watching CSI or a clone of the show because you should be watching NCIS.  (I hate all the metaphors, its like comparing apples to oranges, so I'll refrain from using them.)

Also they didn't change the VID, only the PID, can you justify only modifying the one?

You've been posting non-stop which is pretty determined, so I wonder which machine shop at UBC you work at being former UBC engineering student.

I'm quite amazed that DigilentMinds.com and others have had the stamina to continue arguing with you. 

[madires]

FTDI did a bad thing in revoking the device just like HDCP is bad but it isn't illegal.

Please ask a lawyer to explain to you why FTDI committed a crime. Based on the local law it's either willful damage to property or computer sabotage / cyber-whatever. FTDI knows that. That's also the reason for the lousy response of the CEO. If FTDI would admit any wrongdoing they would be liable for any damages immediately. It's a game to protect the company (and themselves vs. share holders) and to make it harder for victims to request any compensation.

[a210210200]

If you can agree that FTDI owns the driver IP, and you own the clone.  Then FTDI can modify the driver to not function with the clone.  They are not allowed to modify the clone to not work with the driver.  Pretty simple no?

FTDI like HDCP does not own the device yet it modifies them and it is allowed to do so. FTDI driver is just revoking the number. Its a joke to put it back (unlike HDCP revoking) but both modify a user's device automatically.

It isn't a nice thing to do but it isn't illegal. The mfg of the fake chips is doing very illegal stuff however.

A legal clone would use its own VCP driver and have no brand relation at all to FTDI other than it functions the same with completely cloned everything that another company put work into making.

You're assuming they have legal ownership over the VID and PID, which I don't believe they do, for a number of reasons stated previously in this very long thread.  Also can we remove all the HDCP discussion, its meant to prevent direct copies of video content, not to prevent you from watching CSI or a clone of the show because you should be watching NCIS.  (I hate all the metaphors, its like comparing apples to oranges, so I'll refrain from using them.)

Also they didn't change the VID, only the PID, can you justify only modifying the one?

You've been posting non-stop which is pretty determined, so I wonder which machine shop at UBC you work at being former UBC engineering student.

I'm quite amazed that DigilentMinds.com and others have had the stamina to continue arguing with you. 

Mechanical, Electrical, Engineering Physics are all shops I've used for prototyping and small production runs for course development work (teaching labs). I'm working with a bunch of different groups so it has perks. I've worked with students and class work at AMPEL (Brimacombe Building), KAIS, HEBB, MCLD, ICCS, ...

I'm sitting on a few terabytes of image data that are processing so I have time to spare as I have to wait a bit to check each record after it gets processed. Needs so much memory only my home computer has enough memory to do it.

To the non stop part I give you, http://xkcd.com/386/
(Technically speaking I'm working too, well the computer is working on it actually, I'm just waiting for it)

Modifying the VID would be very bad as it would be difficult to detect afterwards what the device might do a VID of 0000 and a PID of 0000 could be anything really. (It would be impossible to automatically detect it with certainty as certain error edge cases exist with VID 0000 and PID 0000 will get reported when a device is not working properly)

VID FTDI and PID 0000 Means unknown (probably changed by FTDI) device and automatic tools can use these facts reliably.

There is no legal ownership of PID/VID but there is also nothing that says FTDI can't change a PID of something that connects to it should it decide to. Most USB devices do not support this if a device connects to the wrong driver then bad things like the driver intentionally kicking the device out is certainty possible.

HDCP will permanently black list a number and people have no recourse and it doesn't even care if your caught in the cross fire. (Bad but not illegal)

Not true HDCP and its ilk can stop you from using analog outputs, connecting certain devices, control video quality, resolution, audio quality (Including disabling or restricting access to content as the flags dictate) and HDCP certainly is concerned with fake/clone devices that advertise HDCP compliance but are not. Which is exactly what FTDI did they revoked the PID number just as HDCP revokes a device (just that revocation is going to stick in most situations)

I'm talking about the hardware protection side of HDCP which is for anti-clone/unauthorized hardware.

[a210210200]

FTDI did a bad thing in revoking the device just like HDCP is bad but it isn't illegal.

We will just have to agree to disagree, and our opinions matter very little-- this will all have to be decided in the courtroom.

Doubt it if you want you can get started on it. Civil courts are pretty open to starting cases up. Just be prepared for sticker shock. Suing isn't the solution, jumping up and down isn't the solution, talking things out in a nice structured manner is a good way to figure things out.

For one the fake device isn't dead. Secondly the fake chips certainly do have physical brand infringement which we both agree is very illegal. Thirdly a consumer should go after the seller and the mfg should go after the distributor and so on until the counterfeiters are caught. The end user has the ability as a rational thinking person to say hey this is a fake, I want a refund. And then the seller says hey this is a fake I want a refund. Then the distributor is like crap who sold us this junk and so on until people point the finger at a company and customs can be informed so that their products are seized on import and legal cases can be setup.

[sacherjj]

I am not a lawyer. I find it hard to see how an EULA makes any difference. The drivers (like all software) are copyright. The copyright holder FTDI allow the use of their drivers under certain conditions. No agreement is required it is just a fact and using their drivers outside of those conditions is an illegal violation of their copyright. Not agreeing that you are aware of those conditions would at best only support a defence of ignorance for that violation.

Technically, it would be a violation of their LICENSE, not a violation of their copyright.  Redistributing the drivers would be a violation of their copyright. 

Now I can't violate their license, because I have NEVER BEEN ASKED TO AGREE TO THEIR LICENSE.  They choose to include their software with Windows and they choose to never require the end user to even read, much less to agree to their license.  It is idiotic to call someone in violation of something they don't even know exists.  They plug in a device they purchased and for all the end user knows, Microsoft made the driver in Windows to make it work. 

Now the user has a device with a legal clone in it, and by violating nothing they have agreed to, FTDI willfully destroys their property.  It really is quite simple.

[a210210200]

FTDI did a bad thing in revoking the device just like HDCP is bad but it isn't illegal.

Please ask a lawyer to explain to you why FTDI committed a crime. Based on the local law it's either willful damage to property or computer sabotage / cyber-whatever. FTDI knows that. That's also the reason for the lousy response of the CEO. If FTDI would admit any wrongdoing they would be liable for any damages immediately. It's a game to protect the company (and themselves vs. share holders) and to make it harder for victims to request any compensation.

The counterfeiter caused willful damage to FTDI's image and induced really dumb PR (Like FTDI's PR seems to be literally doing all the wrong things) actions to occur and as a result caused even further damage to their public image. Users have had their expectations of a legitimate genuine product broken and have now what amounts to third party chips with little to no official driver support depriving them of their expected access. All in all the company that made the products is the really obviously illegal company as are their distributors/sellers. Any mfg complicit is also performing commercial scale illegal activities. These all easily qualify for government legal action and seizure of fake product shipments and the such.

Failure of an illegal product due to anti-counterfeiting protections that intentionally revoke access to official software and hardware is not illegal unless you think HDCP is illegal which I don't think is being challenged in any country currently.

They should just say we are sorry that we failed to communicate with the community the counterfeiting problem and our countermeasures. Another site already contacted FTDI but they remained silent until the issue blew up right now.

[a210210200]

I am not a lawyer. I find it hard to see how an EULA makes any difference. The drivers (like all software) are copyright. The copyright holder FTDI allow the use of their drivers under certain conditions. No agreement is required it is just a fact and using their drivers outside of those conditions is an illegal violation of their copyright. Not agreeing that you are aware of those conditions would at best only support a defence of ignorance for that violation.

Technically, it would be a violation of their LICENSE, not a violation of their copyright.  Redistributing the drivers would be a violation of their copyright. 

Now I can't violate their license, because I have NEVER BEEN ASKED TO AGREE TO THEIR LICENSE.  They choose to include their software with Windows and they choose to never require the end user to even read, much less to agree to their license.  It is idiotic to call someone in violation of something they don't even know exists.  They plug in a device they purchased and for all the end user knows, Microsoft made the driver in Windows to make it work. 

Now the user has a device with a legal clone in it, and by violating nothing they have agreed to, FTDI willfully destroys their property.  It really is quite simple.

Again the device is in no way "destroyed" FTDI's drivers do not have to legally interoperable or even allow them to keep the same PID they report. Altering the PID is not a damaging action and only prevents it from working with FTDI's drivers, third party programs and tools can still use the chip normally.

The clone is only very legal if it uses its own driver with its own physical/digital branding. Re-use of another companies device driver is not a good idea legally speaking especially since the driver does a lot of the functionality/branding/copyrights as well.

The driver is tricked into thinking the device is a real device and it reports it as an FTDI chip that alone breaks the copyright/trademark. The fact that PID/VID collisions are not illegal is not relevant but the user facing this is an FT232R is a breach of copyright. The chip should report as an IX232S or something but that isn't possible unless they have their own driver.

HDCP has no EULA and I think FTDI's bad system does the exact same function of revoking devices access to official software/hardware.

[markb82]

Again the device is in no way "destroyed" FTDI's drivers do not have to legally interoperable or even allow them to keep the same PID they report. Altering the PID is not a damaging action and only prevents it from working with FTDI's drivers, third party programs and tools can still use the chip normally.

I think you're a fairly reasonable person a210, but can you admit that this is not true?  The device is prevented from working with any old build of Linux, or BSD, which does not have a fix for the PID being cleared to 0000s.  There are many many embedded devices our there which use Linux, within which it is not simple to update the Linux build.

[mikeselectricstuff]

Again the device is in no way "destroyed" FTDI's drivers do not have to legally interoperable or even allow them to keep the same PID they report. Altering the PID is not a damaging action and only prevents it from working with FTDI's drivers, third party programs and tools can still use the chip normally.

Action that deliberately renders something into a state that  requires any effort, time, or  money to revert to its original state constitutes criminal damage. A  "real-world' example would be letting someone's tyres down.

[C]

I have been sitting here and trying to think of someone not using a clone on this forum.

My very old Viewsonic monitor is a clone! It is a clone of IBM's VGA monitor and is very much better.

My USB and PS2 keyboards are clones. In fact they are clones of clones. One is a DELL clone of a Microsoft Clone which was a clone.

I can't think of a chip in the computer that is not based directly or indirectly on a clone.

FTDI just trying to identify a clone could be a criminal act.

C

[a210210200]

I design hardware and write firmware for that hardware.  There are times when this involves the use of USB as a transport mechanism, and so I have had many occasions where I has to deal with that.  So, as yo might imagine, I am well versed in how the USB "plug-n-play" paradigm works, and am familiar with the various ways that the various O/S's deal with these devices, including the way they get enumerated and assigned to various drivers.

Many times the *only* way an O/S assigns a driver is to *only* look at the VID/PID pair.  BUT, there *are* instances where the VID/PID pair is *not* unique, and so the O/S must then look at the descriptors to determine what driver to attach to the device.  There are other device characteristics that can be used to develop a unique signature that positively identifies the correct driver to use.  Note that this same scheme is used on the PCI bus, and there are instances where the VID/PID are not unique also.

So, while the VID/PID pair is important, one cannot assume that they are unique [because not everyone plays by the rules-- even legitimate devices].  Since it is impossible for the O/S to predict every possible device that might be plugged in, and to then know what to do with them, there is a heavy burden placed on the driver to make the final determination as to whether it is attached to a compatible device [or not], and to do the appropriate thing.

It seems that FTDI has a driver that can determine if the device attached to it is a genuine FTDI device.  The proper thing to do if the device is *NOT* a genuine FTDI device is to simply not respond to it [i.e. through any data coming from the device into the "bit bucket", and not register the device with the O/S as a VCP].  I'm pretty sure this is the mandated behavior proposed by the USB-IF group, and since FTDI belongs to this group, they must have signed an agreement that states how they will deal with a non-compliant device [and that does not include modifying the device in any way].

FTDI [decided] that they would go further than just ignoring a non-FTDI device, and they would *modify* the device so that it would never be recognized by any driver [on *any* O/S] as a genuine FTDI device.  They did not have to do this for interchangeability-- they did it to intentionally "brick" the device-- even for legitimate uses on another O/S where they don't own the driver IP.  This, in law, is called a "tort", and it *is* actionable.  The US federal government might also decide to classify this as "cyber terrorism", which not so surprisingly is a major crime.  I don't know what they are going to do.  We will see.  Things might get real interesting.

The device is the one that reports the VID/PID the OS merely matches it assuming the device is telling the truth. Matching extended data on a collision is not ideal.

FTDI is doing the "correct" thing in that the driver detects a non official protocol PID matching device and gives it another assuming it is similar enough to allow re-assignment. (Which it is)(This very certainly is an anti-counterfeiting system) FTDI's protocol is proprietary and if the device listens to commands to goto the time out zone (0000) then it is at least compatible with the driver the driver just doesn't want to talk to it or any older versions to talk to it either. (The devices PID is revoked using a normal mechanism which the device supports)

Mandated USB behavior as you said isn't law so FTDI is free to do as HDCP does which is bad but not illegal. (I believe many devices don't enumerate to negotiate power and this was well before cellphones and the such because people were lazy and many usb powered devices (Tec chillers, lamps, fans, ...) didn't even have the data lines connected to anything)

FTDI is basically doing a device revocation as HDCP does and its not nice but it isn't illegal in any sense. And no other third party tools and drivers exist to skip around or even trick the FTDI driver into playing nice. (Technically under US law those especially in the HDCP case are illegal, or at least very gray zone things)

Oh my "cyber terrorism" I've never seen as HDCP that bad.

[jancumps]

.... probably a fitting end for a fascist company like FTDI.

Godwin's law proven at last.

Fascism is a philosophy and a behavior-- and you don't have to belong to anything like the NAZI party to be a fascist.  We have fascists right here in the USA that are congressmen and senators.  We also have communists [collectivists] and other undesirable types.  Hitler and/or Mussolini had no monopoly on fascism.

http://en.wikipedia.org/wiki/Fascism

Yes you are right. I just couldn't stop myself from posting this comment because I deemed it to be close enough. And that makes me subject to Godwin's second law.

[a210210200]

Again the device is in no way "destroyed" FTDI's drivers do not have to legally interoperable or even allow them to keep the same PID they report. Altering the PID is not a damaging action and only prevents it from working with FTDI's drivers, third party programs and tools can still use the chip normally.

Action that deliberately renders something into a state that  requires any effort, time, or  money to revert to its original state constitutes criminal damage. A  "real-world' example would be letting someone's tyres down.

Well then we should go after HDCP first because they have disabled devices in the past and probably will in the future as well. There are no legal cases against HDCP to my knowledge that have succeeded in this respect. FTDI just revoked the devices PID it still electrically is fine and works normally otherwise.

Linux just needs a fake clone driver update and windows will have a third party one too I'm sure given the level of interest. The fake chips are fake and bypassing the DRM is a joke. HDCP has caused me to spend time, money, effort, and even prevented perfectly working hardware to not function and I doubt I can get a criminal case going off that.

Letting someone's tyres down is still physically damaging as leaving the tires flat for any length of time can cause permanent physical damage to the tyre and or wheel and is not even reversible by simple re-inflation. Using linux auto-update and it magically working again isn't remotely the same. On windows Microsoft isn't likely to bypass FTDI for us so simple tools can bypass FTDI's DRM.

[a210210200]

I have been sitting here and trying to think of someone not using a clone on this forum.

My very old Viewsonic monitor is a clone! It is a clone of IBM's VGA monitor and is very much better.

My USB and PS2 keyboards are clones. In fact they are clones of clones. One is a DELL clone of a Microsoft Clone which was a clone.

I can't think of a chip in the computer that is not based directly or indirectly on a clone.

FTDI just trying to identify a clone could be a criminal act.

C

The difference is that the clones were developed with their own work and they used cleanroom design principles. Google did the same for android (mostly).

[markb82]

Well then we should go after HDCP first because they have disabled devices in the past and probably will in the future as well. There are no legal cases against HDCP to my knowledge that have succeeded in this respect. FTDI just revoked the devices PID it still electrically is fine and works normally otherwise.

Linux just needs a fake clone driver update and windows will have a third party one too I'm sure given the level of interest. The fake chips are fake and bypassing the DRM is a joke. HDCP has caused me to spend time, money, effort, and even prevented perfectly working hardware to not function and I doubt I can get a criminal case going off that.

Letting someone's tyres down is still physically damaging as leaving the tires flat for any length of time can cause permanent physical damage to the tyre and or wheel and is not even reversible by simple re-inflation. Using linux auto-update and it magically working again isn't remotely the same. On windows Microsoft isn't likely to bypass FTDI for us so simple tools can bypass FTDI's DRM.

You're still avoiding my very basic question:

Can you agree that changing the PID stopped the Linux driver from working until about 2 days ago when a patch was released to specifically address the issue caused by FTDI changing the PID? Yes, No? Feel free to elaborate.

Can you agree that for nearly a month (from the release date of FTDI driver until the release of the Linux patch) the clones were modified to the point where they would not work with Linux? Yes, No? Feel free to elaborate.

Can you agree that any unpatched Linux system, especially embedded systems, will no longer function with a clone which has been exposed to the FTDI windows driver?  Yes, No?  Feel free to elaborate.

[markb82]

Oh and one more:

Can you agree that FTDI did this deliberately? Yes, No? Feel free to elaborate.

P.S.  Even FTDI isn't ready to admit that they did this deliberately, likely because they feel there are legal repercussions.  (Ref: http://www.eetimes.com/author.asp?section_id=36&doc_id=1324420 )

[Mike Warren]

I've been bitten by this debacle even though I'm close to 100% confident there will be no FTDI fakes in my products.

We are about to release a new product (was supposed to be today) that contains a FT230X, and as part of my software install I include the installer for the FTDI driver. As a result, I would be responsible for putting this dangerous driver on other people's computers.  That is an unacceptable legal risk for my company.

We now have no choice but to hold off release until FTDI fixes this. And I also have to do all my installer testing again. This will cost my company at least half a day of my time, not to mention possible lost sales because of a late release.

I'm very disappointed and annoyed, and will be looking more closely at the FTDI alternatives in the future.

Unfortunately, our volume is so low that FTDI can safely ignore us.

[sunnyhighway]

Also they didn't change the VID, only the PID, can you justify only modifying the one?

I try to make an educated guess, so I stand to be corrected.

 - The VID (Vendor ID) has a 1 on 1 relationship to the vendor and the PID (Product ID) has a 1 on 1 relation with a product of that vendor.
 - Both VID and PID are registered at some registrar to keep track on what ID's are in use.
 - It would make sense that only the registrant for VID xxx can register a PID which he did not register earlier in combination with VID xxx.
 - Microsoft does not allow for any PID to contain the value 0. This could be because the USB standard does not allow for ANY PID to have the value 0.

If the above is correct:
#1: FTDI cannot change the VID to a VID registered by another company. (that other company would probably sue them)
#2: FTDI cannot change the VID to an unregistered VID. (that would probably get them in trouble with the registrar)
#3: FTDI could have chosen to register a new PID and change the fakes/clones to that PID. (but that would probably be like claiming the fakes/clones were theirs)
#4  FTDI could change the PID to a value that they did not register yet. (but this could lead to everyone to believe the fakes/clones are theirs but were leaked before official release)
#5: FTDI changed the only the PID to 0 which makes the fake/clone a device that is not compliant to the USB standards. (this makes a USB compliant device non-compliant device with the sole purpose to heat the room)

[Mike Warren]

And now your company has "standing" to sue them in court.  Have fun!

We are only a small company and can't afford the court time to sue an overseas company, even if winning was guaranteed. It's cheaper for us to take it on the chin.

[XFDDesign]

Is the device completely disintegrated? No.
Is the device usable (as you're inferring) by the end user? Also no.
Is there a difference as far as the end user is concerned? Still no.

This is all that matters. This:

You just answered yes to the device is physically damaged (also false it in no way is even remotely physically damaged)
You also just said it is unusable (false linux has an update already) and countless end user programs work with it)
You also said is there a different to the end user, well I'm an end user and I can tell the difference so you statement is false based on the mere existence of me an end user that doesn't agree with you, I detect fakes and report them as a responsible end user should.

etc

Is all irrelevant nonsense.

And you were given the technical basis of the "damage," so try to keep up. What you say "is" has no bearing on truth without a logical follow through. As to your attempt of "FALLACY" which you've reduced yourself to, if that's all it takes for you to "win" now, then:
Argumentum Ad Fallacy - Fallacy. You lose.

[Someone]

The driver is copyrighted and trademarked and abusing the not illegal to abuse PID/VID system to trick a driver

Yeah, the compatible and clone counterfeit chip maker are bad boys for letting you, the windows user in a gray area when using the official FTDI driver.
It's not nice, but not illegal. It's the point of a compatible to be compatible.
The EULA is not agreed by most people using recent windows, there is no EULA on th FOSS driver, so most people did not agree to respect anything in the EULA.

Yes, it keeps coming back to the licence/agreement of the windows driver. If companies can't distribute software with licences or agreements for use (in this case possibly hidden by microsofts update process) then they'll stop producing software.

There being no alternative driver with any ID is a clear admission that the device was always dead.

Is there any chance I can convince you to say "the device was always unsupported"?
To say "it was always dead", even though users had clearly been using them for many years, is absurd (if a bit Michelangeloic).  That's like suggesting that, upon its confiscation due to it having been stolen, a car that you've been driving around in for 15 years never actually moved a millimeter.

If you could convince other people not to keep saying the FTDI drivers killed, bricked, damaged, rendered inoperable, etc the device?

The devices were on life support provided by the illegal use of FTDI drivers, FTDI figured out how to and turned off the switch. I believe it was within their rights to do so. No one is stopping you resurrecting the corpses by writing some other drivers or using the legal ones on Linux.

The use wasn't illegal. Most people had the drivers installed automatically without being shown the EULA (in fact it was buried in an INF file somewhere) or knowing about the terms attached to the drivers. Clearly you can't break a contract that you haven't agreed to and haven't seen. Even if it is shown, whether the EULA is legally binding is questionable.

Whether FTDI could be prosecuted for what they did depends on whether evidence could be found showing they did it intentionally.

Now we're getting to the interesting bits, the hidden and obscure terms of the licence/agreement are on one hand needed to protect the value of software (driver) development but on the other hand people don't get a full opportunity to read the licence/agreement. An Australian comedy/consumer rights TV show called "The Checkout" had a good segment on how long you would have to spend to actually read the user agreements for common websites/software and pulled out some extremely broad terms for comedy value. There are various legal precedents for both sides of the argument and it would be a fun court case to watch if it ever makes it, but the expected damages are so low that we're unlikely to have this FTDI example make it to a judge.

I am not a lawyer. I find it hard to see how an EULA makes any difference. The drivers (like all software) are copyright. The copyright holder FTDI allow the use of their drivers under certain conditions. No agreement is required it is just a fact and using their drivers outside of those conditions is an illegal violation of their copyright. Not agreeing that you are aware of those conditions would at best only support a defence of ignorance for that violation.

Technically, it would be a violation of their LICENSE, not a violation of their copyright.  Redistributing the drivers would be a violation of their copyright. 

Now I can't violate their license, because I have NEVER BEEN ASKED TO AGREE TO THEIR LICENSE.  They choose to include their software with Windows and they choose to never require the end user to even read, much less to agree to their license.  It is idiotic to call someone in violation of something they don't even know exists.  They plug in a device they purchased and for all the end user knows, Microsoft made the driver in Windows to make it work. 

Now the user has a device with a legal clone in it, and by violating nothing they have agreed to, FTDI willfully destroys their property.  It really is quite simple.

Summed up very nicely, this is all about if the licence distributed with the driver is sufficient. Are we going to see companies stop distributing drivers with windows because the licences can't be enforced? I'm guessing a way will be found to keep the licences enforceable, if that needs a change to the way windows delivers its drivers it will be interesting.

Microsoft has terms that people agreed to before buying or during install (wait a second, please refer the EU case that install/run time EULAs are void that makes no sense what happens if you don't buy something and they display a must read prompt that makes zero sense) which covers Microsoft services and if you don't like automatic updates and automatic terms then you should disable it. (Which is easy to do and it gives you the choice right directly as well)

What a load of bullshit. Microsoft and FTDI are two entirely separate entities. Agreeing to terms from Microsoft can in no way mean to automatically agree to any terms that a third party may come up with in the future, let alone with any third party terms that the customer has never been shown.

Like, i have a contract with my landloard to rent the place i am in. That does not mean that i have to blindly agree to any terms that, for example, the electricity company makes to supply me with electricity in said place. It doesn't matter at all what terms and conditions have been agreed to between the user and Microsoft, as far as third party stuff is concerned. Those terms only apply between MS and the customer, and no one else.

Of course, MS could say "well, yes, we adopt FTDI's terms now, and thus they are ours as well". But in that case the user has to be notified of that fact, and still shown those terms.

Greetings,

Chris

Interestingly in Australia some rental contracts will provide the landlord with the ability to enter you into further contracts of supply for services, and they don't even have to tell you they have done it for you. Law is very complicated and varies on a country by country (or even state by state) basis.

The Dutch criminal law says 2 years in jail or a 20k euro fine if you render something which isn't yours useless:
http://wetten.overheid.nl/BWBR0001854/volledig/geldigheidsdatum_29-10-2014#TweedeBoek_TitelXXVII_Artikel350

Well if you want to press on with bullshit legal arguments I'll raise you with the DMCA. The VID and PID of a USB device could reasonably be considered to be an access control method for drivers which may be copyrighted.

Anyone using a non-genuine FTDI USB device with VID and PID causing access to copyrighted FTDI drivers without licence would be guilty of circumventing access controls and people selling such USB devices guilty of trafficking circumvention tools.

Which is why I brought up the DCMA usage by Tektronix in their suppressing of the serial keys for the older scopes, one possible action but hard to use against embedded software/hardware and not useful in many countries.

[a210210200]

Well then we should go after HDCP first because they have disabled devices in the past and probably will in the future as well. There are no legal cases against HDCP to my knowledge that have succeeded in this respect. FTDI just revoked the devices PID it still electrically is fine and works normally otherwise.

Linux just needs a fake clone driver update and windows will have a third party one too I'm sure given the level of interest. The fake chips are fake and bypassing the DRM is a joke. HDCP has caused me to spend time, money, effort, and even prevented perfectly working hardware to not function and I doubt I can get a criminal case going off that.

Letting someone's tyres down is still physically damaging as leaving the tires flat for any length of time can cause permanent physical damage to the tyre and or wheel and is not even reversible by simple re-inflation. Using linux auto-update and it magically working again isn't remotely the same. On windows Microsoft isn't likely to bypass FTDI for us so simple tools can bypass FTDI's DRM.

You're still avoiding my very basic question:

Can you agree that changing the PID stopped the Linux driver from working until about 2 days ago when a patch was released to specifically address the issue caused by FTDI changing the PID? Yes, No? Feel free to elaborate.

Can you agree that for nearly a month (from the release date of FTDI driver until the release of the Linux patch) the clones were modified to the point where they would not work with Linux? Yes, No? Feel free to elaborate.

Can you agree that any unpatched Linux system, especially embedded systems, will no longer function with a clone which has been exposed to the FTDI windows driver?  Yes, No?  Feel free to elaborate.

Yes, Of course FTDI intentionally revoked the PID of the fake chips.
No, users can still bypass it the device isn't "compatible"
No, changing the PID in linux does not require an updated driver

The updated driver just automatically supports fake FTDI chips that were revoked by FTDI. Its bad drm that is for sure but it isn't broken. Bypassing FTDI dumb DRM patch or not can be done with FTDIs own tools, they even have instructions for that as well.

Just use the FT_PROG tool and run,

sudo ./ft232r_prog --old-pid 0x0000 --new-pid 0x6001