Does anyone have more details on this - which driver versions zero out the PID, which ones don't?
I don't have any firm evidence that 2.12.0 is the version which introduced this issue, but the previous version from FTDI's web page (2.10.0) does not contain a licence file.
The licence file in 2.12.0 says (in part)
"
1.5 The Software will not function properly on or with a component that is not a Genuine FTDI Component. Use of the Software as a driver for, or installation of the Software onto, a component that is not a Genuine FTDI Component, including without limitation counterfeit components, MAY IRRETRIEVABLY DAMAGE THAT COMPONENT. It is the Licensee's responsibility to make sure that all chips it installs the Software on, or uses the Software as a driver for, are Genuine FTDI Components. If in doubt then contact the Licensor. "
Of course, if you had just followed the normal process for upgrading the driver (which is mostly automated and transparent to most users) you would not have seen this.
If nothing else this sets a very dangerous precedent.
Crap like DRM is bad enough, but if this sort of behaviour is allowed (e.g. by Microsoft including it in updates), and is considered "acceptable", what next?
Printer bricked after using knock-off cartridge?
Hard disk wiped if MS discovers your license number is a copy?
Phone bricked after using a fake battery?
I used to be a panasonic camera (digicam) fan and owned quite a few of them. then, one day, they decided to chip their batteries and the aftermarket ones stopped working. we no longer had any choice in how much we would pay for camera li-ion batteries. at that point, I stopped buying pany cams.
I've heard that the battery makers have worked around this, but I have given up on pany cams and won't ever come back.
pany doesn't care, of course. but I just can't give pany my money, at least for cameras.
its a shame when a good vendor turns to the dark side.
Breaking News: FTDI removes humor of makers through bad update !!!
Oooh, Krater, be careful, seems you are coming over to the dark side
No ! Never ! The Force is strong with my one !
We have cake....
But I rather like pizza...
"I'd like to order a large pie, extra cheese and extra zero's, please."
All the moderators must be asleep.
I'm new here, and was wondering if this forum is essentially unmoderated. Certainly, there seems to be a troll infestation
Does anyone have more details on this - which driver versions zero out the PID, which ones don't?
I don't have any firm evidence that 2.12.0 is the version which introduced this issue, but the previous version from FTDI's web page (2.10.0) does not contain a licence file.
The licence file in 2.12.0 says (in part)
"1.5 The Software will not function properly on or with a component that is not a Genuine FTDI Component. Use of the Software as a driver for, or installation of the Software onto, a component that is not a Genuine FTDI Component, including without limitation counterfeit components, MAY IRRETRIEVABLY DAMAGE THAT COMPONENT. It is the Licensee's responsibility to make sure that all chips it installs the Software on, or uses the Software as a driver for, are Genuine FTDI Components. If in doubt then contact the Licensor. "
Of course, if you had just followed the normal process for upgrading the driver (which is mostly automated and transparent to most users) you would not have seen this.
Okay, now is clear it's intentionally destruction of hardware, not accidently or anything else. I don't see any reason why we should spare FTDI. No new design with FTDI chips.
Im sure in Germany this is a crime, but I don't think any court will make anything for a 3$ usb-bridge.
Breaking News: FTDI removes humor of makers through bad update !!!
Oooh, Krater, be careful, seems you are coming over to the dark side
No ! Never ! The Force is strong with my one !
We have cake....
But I rather like pizza...
"I'd like to order a large pie, extra cheese and extra zero's, please."
I want a 2 between my 1's ans 0's !
All the moderators must be asleep.
I'm new here, and was wondering if this forum is essentially unmoderated. Certainly, there seems to be a troll infestation
Sorry, normally we don't need moderation, but at this thread, what you are expect here ? We know that FTDI is doing shit, we know thats in the driver update, and we know it's doing just shit with chinese clones. Is there anything thats not sayd ?
All the moderators must be asleep.
I'm new here, and was wondering if this forum is essentially unmoderated. Certainly, there seems to be a troll infestation
"dave's not here, man"
(but will probably wake up shortly).
Okay, now is clear it's intentionally destruction of hardware, not accidently or anything else. I don't see any reason why we should spare FTDI. No new design with FTDI chips.
It's not just the terms and conditions, they're
bragging about it on Twitter ...
FTDI is definitely not targeting end users - if you're unsure if ICs are genuine then please don't use the drivers.
yeh, it used to be cp21xx that had a bad reputation because there were so many fakes and they constantly updated the drivers to break them so it seemed the they never worked
Are you sure you don't mean the Prolific chip (PL2303)?
The CP21xx (Silabs), I don't recall there ever being any problems with breaking drivers or known fakes.
But the Prolific's did have those issues, however I don't think they intentionally broke drivers, but just that the new drivers didn't work with the fake chips, and they didn't actually go out of their way to reprogram the chips as FTDI has done.
Okay, now is clear it's intentionally destruction of hardware, not accidently or anything else. I don't see any reason why we should spare FTDI. No new design with FTDI chips.
It's not just the terms and conditions, they're bragging about it on Twitter ...
FTDI is definitely not targeting end users - if you're unsure if ICs are genuine then please don't use the drivers.
I believe in the good in the mankind. Twitter can be hacked, updates not.
Okay, now is clear it's intentionally destruction of hardware, not accidently or anything else. I don't see any reason why we should spare FTDI. No new design with FTDI chips.
If a chip tells the operating system it is a specific FTDI part and requests it to load FTDI drivers for that part how the hell can FTDI be held responsible for anything their drivers do to a chip which isn't their part?
How could they possibly give assurances that their drivers will not damage chips over which they have no control?
Having established the chip wasn't the specific FTDI part it claimed to be you could argue correcting an invalid PID improved not damaged the part.
Anyone know if this affects deivces other than FT232?
I have a FT245 here that is probably fake, with external EEPROM. Not affected
Okay, now is clear it's intentionally destruction of hardware, not accidently or anything else. I don't see any reason why we should spare FTDI. No new design with FTDI chips.
If a chip tells the operating system it is a specific FTDI part and requests it to load FTDI drivers for that part how the hell can FTDI be held responsible for anything their drivers do to a chip which isn't their part?
How could they possibly give assurances that their drivers will not damage chips over which they have no control?
Having established the chip wasn't the specific FTDI part it claimed to be you could argue correcting an invalid PID improved not damaged the part.
Okay, if they added a function intentionally to brick chips that are not ftdi, than they responsible. It's not just a accident or incompatibility that damages the chip. The changes in license points to that they do it intentionally.
Its the same reason why you (in Germany) can't simply put landmines to your property and say "I've never sayd the kids should play on it...".
For my attitude of morality, they are responsible, and for german law(they sell in Germany) too. I can't say anything about other people or countries.
FYI KPR8 has been sent to the sin bin.
Wow, 1400 guests viewing this thread!
It is a disaster here, hackaday and slashdot for FTDI. And looks like they are prepared and planted a lot of trolls to go in for the offence. But they can't bulldoze through because the converter chips are just too popular. The whole orchestrated movement expose the FTDI as one of the worst companies. It is more than a rookie's mistake by a fresh MBA that came in without knowing the impact.
Would you feel the same way if the chip didn't say FTDI on it, but implemented their interface? Because this is legitimate reverse engineering. It's the only reason we have a commodity PC market, and it's something that should be encouraged. FTDI is of course not required to support such efforts, nor are they expected to be happy about it. However it certainly doesn't give them the legal or moral right to intentionally break their competitor's implementation permanently.
The driver has absolutely no way of checking whether the chip says FTDI on it or not, so it cannot assume that every one that fails the "is it genuine" check (anyone here with a USB analyser and both the real and clone chips care to do some analysis on figuring out what exactly is the behavioural difference?) is illegally using the trademark and not just some generic brand.
From
http://en.wikipedia.org/wiki/Semiconductor_Chip_Protection_Act_of_1984#Reverse_engineering_not_prohibitedThe SCPA permits competitive emulation of a chip by means of reverse engineering. The ordinary test for illegal copying (mask work infringement) is the "substantial similarity" test of copyright law,[7] but when the defense of reverse engineering is involved and supported by probative evidence (usually, the so-called paper trail of design and development work), the similarity must be greater.[8] Then, the accused chip topography must be substantially identical (truly copied by rote, so-called slavish copying), rather than just substantially similar, for the defendant to be liable for infringement.[9] Most world chip topography protection laws provide for a reverse engineering privilege.
The clone vs. real die pictures posted somewhere near the beginning of this thread shows that they're completely different, so it is a product of legal reverse-engineering. The clone doesn't even have any "FTDI" marking on the die.
Bottom line, this is trademark infringement, and trademark infringement alone. Well perhaps copyright infringement as well, as they might ship the driver, but since it comes with Windows I'm not so sure about that... Either way it certainly doesn't warrant a malicious approach. This is Sony Rootkit levels of unjustified, malicious overkill.
It's only trademark infringement when the chip is being sold with FTDI markings. If it's unmarked, or marked with any name other than FTDI, it does not infringe on FTDI's trademark.
If someone has a fake, can you check the chips serial number(not the USBID number, not serial stored in external eeprom)?
Each of the chips has a unique serial number ( it can be read), it could be the fakes all have the same serial number because they were too lazy/cheap to laser cut / program it.
In which case it would be an easy matter to do a search in the driver for that serial number and mask it out.
In which case it would be an easy matter to do a search in the driver for that serial number and mask it out.
The driver is signed, if you change anything it will not work again.
It's only trademark infringement when the chip is being sold with FTDI markings. If it's unmarked, or marked with any name other than FTDI, it does not infringe on FTDI's trademark.
They're trying to make it a copyright/licensing issue (I think) via the new license "agreement" in their drivers.
Having said that, my reading suggests that at least some (perhaps many/most) fake chips are branded with FTDI.
I think the missed opportunity here is a license from FTDI for the low, low cost of $5 to continue using a counterfeit device...
Perhaps it's a break, then fix sort of thing.
If someone has a fake, can you check the chips serial number(not the USBID number, not serial stored in external eeprom)?
Each of the chips has a unique serial number ( it can be read), it could be the fakes all have the same serial number because they were too lazy/cheap to laser cut / program it.
In which case it would be an easy matter to do a search in the driver for that serial number and mask it out.
the various fakes that I've personally had all had non-null serial numbers. its only the pid that was all 0's.
I had a long set of emails with one vendor (sunfounder is the name) on amazon who sold me one with all 0's. I wrote an amazon review of it, he saw it (amazon probably reacted to my review and halted his sales) and the next few that I was sent by that vendor did NOT have 0's as the pid. the vendor swears to me that he buys directly from ftdi and was trying his best to make the situation right again. I can't tell, to be honest; was it amazon's halting of his sales that made him 'sorry' or was it sincere? was the unit that I got a customer return who plugged it into windows and windows zero'd it out? impossible to tell.
but all of the ones that I got had serial number strings that 'looked' reasonable. only the PID was 0000.
I think the missed opportunity here is a license available for the low, low cost of $5 to continue using a counterfeit device...
Perhaps it's a break, then fix sort of thing.
how would that work on linux? linux has source-based code and you can't force a binary blob down (usually) and get away with it once the source is already out there.
you could stop the mac and windows users but linux lets users see and modify source code. the vendor can't threaten linux users. they probably knew this and so they (apparently) decided there was ONE 'fix' for all os's. and I use the word 'fix' in the most non-literal sense.
then again, a linux driver update to ftdi_sio.[ch] may be coming soon that allows the 0000 pid.