Prolific-gate -or- Why should FTDI be the only assholes

[ataradov]

For a dedicated device having kernel drivers is also not necessary. Just have Windows install a generic WinUSB driver and use WinUSB to talk to the device. The only time you really need drivers if the device provides a common service.

Making custom drivers for a serial port is stupid no matter what.

[ve7xen]

IP infringement is theft and is prosecuted as such in the UK. This CPS link describes the prosecution of trademark infringement and it specifically describes the role of the Theft Act 1968. The relevant quote is "'loss' includes a loss by not getting what one might get, as well as a loss by parting with what one has". That is the crux of IP theft, it is exactly the loss of revenue due to such fraudulent activity.

So it is theft. Please stop saying it isn't!

No, it is not. If you bothered to read your own link, instead of Googling for something that supports your incorrect view and skimming it, you would realize that it is referencing the Theft Act due to the definition of gain, not the definition of intellectual property. In no part of this article is IP infringement equated with theft. The idea of treating IP infringement the same as theft is absurd.

You can read the UK definition of 'theft' in the Theft Act 1968 too https://www.legislation.gov.uk/ukpga/1968/60/crossheading/definition-of-theft :

"A person is guilty of theft if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it; and “thief” and “steal” shall be construed accordingly."

Emphasis mine, as it is a key difference between theft and IP infringement. You will also note that the Theft Act 1968 doesn't include any discussion of IP at all.

That is the fun part of all this. FTDI's strategy is perhaps novel, in Europe anyway. I agree, you are not allowed to break someone else's stuff, but by using counterfeit products you have lost the moral high ground and there are legal arguments to be made. Your stuff should have been confiscated anyway.

Vigilantism is not legally or morally defensible - regardless of your moral position on the trademark use.

True. But I would argue that the silicon itself was playing a role as a copy protection mechanism, since it takes significant investment to duplicate the device functionality such that it would work with the FTDI driver. Taken together, this demonstrates deliberate conspiracy to defraud.

lolwut. That's not how even the ridiculous DMCA defines a copy protection mechanism. You might try to argue this, but it's a crazy thing to argue. It's very clear in this case that the IC is purely functional and doesn't contain any copy protection mechanism.

Yes, you literally can. Well, officers of the law can. Many tourists returning from foreign climes with fake designer goods are disappointed to have them confiscated upon entry to a jurisdiction signed up to WIPO. Such fake goods are trademark infringements and are still subject to confiscation even when the consumer has taken 'ownership'. Confiscations are uncommon once through the borders, simply because it's not worth the effort policing it. The idea that counterfeit goods are fine 'n' dandy and legal now they are in my hands is plain wrong.

That's true, importing is an exception and infringing stuff can be seized at the border. Otherwise, though, trademark does not generally extend to non-commercial activities, and owning something as an end user is clearly not commercial use of the trademark. As it relates to physical property, unless you are trying to sell it or import it, trademark doesn't come into play at all. There's no law that would allow the seizure or destruction of FTDI chips once they're in the hands of the end user, at least in Canada / the US, I'm not familiar with UK law but that would be pretty absurd. The point of trademark is to protect against confusion in the marketplace, and that objective is not served by seizing goods that have already made it through the marketplace to the end user.

Trust in supply chains is more important than ever these days. Shady folks will just look for the cheapest workable options, whether fake or not. Legit businesses worry more. At least the FTDI event was relatively benign. It could have been worse, maybe some fake op-amps that burst into oscillation in your motor control loop or whatever.

What makes FTDI's actions a problem is intent. If a functional clone has a problem that causes damage, that's a result of the clone's poor implementation. It doesn't mean it's okay for the original manufacturer to intentionally sabotage functional clones. After all, clones are completely legal absent the trademark issues, as I have already explained. FTDI's legal remedy here is to go after distributors etc. of the chips and products that are misrepresenting their brand. Going after end users in the way that they did is both stupid and probably illegal.

You've also completely neglected to address several other important points here, like whether a given device is infringing at all - a complex device of which the FTDI IC is only a small component is probably not infringing even if the IC itself is, or the fact that the driver can't detect trademark infringement.

It gets really tiresome arguing about IP issues online because so many people are confidently incorrect about the 3 kinds of protected IP and the differences in how each is protected. I don't know why people get so dug in with their incorrect assumptions of how it works either, when they clearly have very little understanding of the actual law.

[SiliconWizard]

After all, clones are completely legal absent the trademark issues, as I have already explained. FTDI's legal remedy here is to go after distributors etc. of the chips and products that are misrepresenting their brand.

You're again funnily twisting reality to try and make your point.
A "clone" using the brand of the original manufacturer is the definition of a counterfeit. It's not just a clone with trademark issues.
You've somehow invented a legal frame in which counterfeiting doesn't exist, and in which counterfeits are merely clones with maybe trademark infringement, no big deal right? Nice.

Sure if the device doesn't try to pass as genuine in any way and would just be a clone, no problem, you'd be right. I don't think that was the case for the FTDI counterfeits, but please show me some of those "clones" that were looking different enough from FTDI parts that they could not be called counterfeits. I haven't seen them, but who knows.

Counterfeited ICs have become a very serious issue anyway and the shortage is just making things worse. There is no situation in my book where counterfeiting is ever acceptable. Just cloning is a different story altogether. But other peoples' books may read differently. As long as you don't get caught, for many, ethics is kind of elastic.

Now to be completely fair - from FTDI drivers' POV, there may not have been a way to distinguish mere clones from counterfeits (even though the absolute majority of such devices in circulation were indeed counterfeits), so that would be the point against their action. But then, reality strikes again, and please show us significant cases of such devices that were only clones but NOT counterfeits and that were rendered unusable by FTDI's drivers. I don't know of any such case, and while that may have existed in theory, that's likely just theory.

[Bassman59]

What's the difference? In both cases the devices stop working and I'm convinced that in both cases the FTDI haters gonna be
FTDI haters. The only thing they want is that FTDI drivers continue to work with fake chips. Anything else is unacceptable for
them.

I'd think that's a prejudice. I'm totally fine with drivers ignoring fake chips. It can be annoying but it's a reasonable way the manufacturer can deal with fake chips legally.

My point is, there is no difference. In both cases, the device that contains the counterfeit chip, stops working.
So, why is it a problem if the vid & pid of the counterfeit chip are set to zero?
If it's a one-off device and/or hobby use: simply replace the chip.
If you sold devices to your customers, you have a problem anyway. Goodluck telling your customers to rollback a driver because you used a counterfeit chip...

I would like to take a poll. This forum is ostensibly inhabited by professional electronics engineers -- in other words, people whose job it is to design electronic products for sale either to businesses or to the general public.

The poll: what would you do if you discovered your products were being cloned and sold to unwary customers as if they were your product?

[ve7xen]

You're again funnily twisting reality to try and make your point.
A "clone" using the brand of the original manufacturer is the definition of a counterfeit. It's not just a clone with trademark issues.
You've somehow invented a legal frame in which counterfeiting doesn't exist, and in which counterfeits are merely clones with maybe trademark infringement, no big deal right? Nice.

The trademark misuse makes it a counterfeit, not a clone. If it's a functional clone without the trademark infringement, it's completely legal (modulo parallel patent issues, which don't seem to be in play here), and we see this pretty often, for a modern example see the GD32F103 - both counterfeit (ST marked) and completely legal (GD marked) clones of ST's design exist. Do unmarked FTDI clones exist? I'm not sure of course, but I can almost guarantee that at least one product has shipped with the markings ground off or the ICs unmarked. The point is you can't distinguish between a functional clone (legal) and a counterfeit (illegal) from the driver.

[voltsandjolts]

Hello sir,

So it is theft. Please stop saying it isn't!

No, it is not.
...
note that the Theft Act 1968 doesn't include any discussion of IP at all.

I think we are discussing semantics here. I never suggested IP was mentioned in the Theft Act.
From that CPS link I gave, to convict someone of a trademark violation "it is also necessary for the prosecutor to prove that the person conducted the activities "… with a view to gain for himself or another, or with intent to cause loss to another."" - where gain and loss are stated to be defined in the Theft Act 1968. So, without the Theft Act there could be no conviction of trademark infringement. Ergo, it is theft, in legal terms and in common language terms. IANAL so perhaps my legal understanding is rudimentary, but I'm afraid, rightly or wrongly, you're not going to convince me that IP infringement is not theft. So we should perhaps agree to disagree and leave it at that.

Edit:
Perhaps you are trying to point out that the conviction of a trademark violation would not be under the Theft Act 1968, in which case I agree. The conviction would be under the Trade Marks Act 1994, but this conviction requires loss/gain to be proven (i.e. a theft) as defined by the Theft Act. So a proven trademark violation conviction includes an act of theft. It is theft.
/Edit

Edit2:
Wait, I think I got it now...
A trade mark infringement causes the rights holder to suffer a monetary loss, where 'loss' is defined within the Theft Act. But the Theft Act itself is not contravened, because the loss/gain transfer is not a direct transfer of monies from one party to the other. Thus, it is fraud, not a direct theft. So, a conviction under the Trade Mark Act infers guilt of fraud, and not of theft. Have I got that right? My overly broad interpretation of theft and the definition of loss/gain being within the Theft Act got me confused.

"A person is guilty of theft if he dishonestly appropriates property belonging to another with the intention of permanently depriving the other of it; and “thief” and “steal” shall be construed accordingly."

The IP infringement was intended to deprive the rights holder of revenue. Permanently, they weren't intending to return it, were they? So I don't see how that supports your argument. Perhaps 'property' doesn't technically include monies, IDK.
/Edit2

...I would argue that the silicon itself was playing a role as a copy protection mechanism, since it takes significant investment to duplicate the device functionality such that it would work with the FTDI driver. Taken together, this demonstrates deliberate conspiracy to defraud.

lol wut. That's not how even the ridiculous DMCA defines a copy protection mechanism. You might try to argue this, but it's a crazy thing to argue. It's very clear in this case that the IC is purely functional and doesn't contain any copy protection mechanism.

My argument is that the copy protection mechanism is the _custom_ silicon itself and functionality thereof. That took investment to overcome and re-implement, as it would for any hardware USB dongle. How high is the bar for establishing a protection mechanism anyway? It's not a requirement to include encryption, is it? Anyhow, while the trademark infringement is an undisputed fact, I'm sure lawyers would love to argue over a copyright infringement for a few days. Legal cases have been won and lost on such dubious points and technicalities.

...importing is an exception and infringing stuff can be seized at the border.

Yes. Whenever you pass through a WIPO customs point, however long the individual has owned the goods, they are subject to confiscation.

Otherwise, though, trademark does not generally extend to non-commercial activities...owning something as an end user is clearly not commercial use of the trademark. As it relates to physical property, unless you are trying to sell it or import it, trademark doesn't come into play at all.
There's no law that would allow the seizure or destruction of FTDI chips once they're in the hands of the end user...

Giving someone a gift of a counterfeit product is a non-commercial activity, and that is also illegal. i.e. transfer of ownership not permitted.
Owning is not illegal. But if you break these rules, it is still subject to forfeiture, if you are caught.

What makes FTDI's actions a problem is intent. If a functional clone has a problem that causes damage, that's a result of the clone's poor implementation. It doesn't mean it's okay for the original manufacturer to intentionally sabotage functional clones. After all, clones are completely legal absent the trademark issues, as I have already explained. FTDI's legal remedy here is to go after distributors etc. of the chips and products that are misrepresenting their brand. Going after end users in the way that they did is both stupid and probably illegal.

Agreed. But, disty's are mostly in China so not much hope of legal recourse there.
It's an interesting and novel approach, and they seem to have gotten away with it in a legal sense.

You've also completely neglected to address several other important points here, like whether a given device is infringing at all - a complex device of which the FTDI IC is only a small component is probably not infringing even if the IC itself is, or the fact that the driver can't detect trademark infringement.

Hmm, call me skeptical.
That would suggest you can legally use counterfeit ICs as long as you make the system complex enough.

It gets really tiresome arguing about IP issues online because so many people are confidently incorrect about the 3 kinds of protected IP and the differences in how each is protected. I don't know why people get so dug in with their incorrect assumptions of how it works either, when they clearly have very little understanding of the actual law.

Because stubborn. And its much much cheaper to hangout here than in TEA thread.

[SpacedCowboy]

I would like to take a poll. This forum is ostensibly inhabited by professional electronics engineers -- in other words, people whose job it is to design electronic products for sale either to businesses or to the general public.

The poll: what would you do if you discovered your products were being cloned and sold to unwary customers as if they were your product?

If I could detect my own devices from the counterfeit ones (which I believe was the case for FTDI, "clones" are rarely perfect), and I'd written software to enable those devices, I'd make sure my driver only worked with my own devices.

What I wouldn't do is vandalize anything I detected as not my own.

[nctnico]

I would like to take a poll. This forum is ostensibly inhabited by professional electronics engineers -- in other words, people whose job it is to design electronic products for sale either to businesses or to the general public.

The poll: what would you do if you discovered your products were being cloned and sold to unwary customers as if they were your product?

If I could detect my own devices from the counterfeit ones (which I believe was the case for FTDI, "clones" are rarely perfect), and I'd written software to enable those devices, I'd make sure my driver only worked with my own devices.

What I wouldn't do is vandalize anything I detected as not my own.

The the problem is that you'll need to be 100% sure that the detection works all the time. A design that has been developed with such a feature in mind will certainly help. IMHO the best way is to come up with a new & improved device (or firmware updates that won't work on a clone).

You also need to consider whether the buyers of the 'clones' are willing to pay the full price. If that turns out to be not a lot, then your monetary loss due to the clones is not high so how much R&D time do you want to make your customers pay for that gives them no benefit?

[SpacedCowboy]

The crucial thing here is "do no harm". If it turns out that I've screwed up, and my devices are sometimes not detected (and let's be clear, something like this ought to go through every QA test you can think of, and then again, backwards), then all I need to do to fix the issue in this absolute worst-case scenario is bump the driver again.

I think people are a lot more forgiving of "there was a bug in our driver" than "oh, sorry, we bricked^* your hardware"

And yeah, later firmware ought to do a challenge/response or something that's a lot harder to falsify...


*: For a sufficiently flexible definition of "bricked".

[nctnico]

The crucial thing here is "do no harm". If it turns out that I've screwed up, and my devices are sometimes not detected (and let's be clear, something like this ought to go through every QA test you can think of, and then again, backwards), then all I need to do to fix the issue in this absolute worst-case scenario is bump the driver again.

Yes, but keep in mind that your customers are paying for the R&D you put into copy-protection. I've seen devices that got rather expensive just because of the copy protection measures where the creators likely could have made more money by just putting the product on the market for 1/3rd of the price.

[T3sl4co1l]

Perhaps I miss something but why can't a normal user or small business write their own driver for Windows ?
What is the hurdle ?

It's a pain in the butt requiring knowledge that few developers actually have. And since it's very low-level system-wise, any bug can have "catastrophic" consequences. (Then the MS WHQL program doesn't help either for the company's image if it decides not to go through.) That's just why.

If you're ready to go through all this while making sure your product will be reliable, by all means, do it.
If not, there are off-the-shelf solutions that work just fine for a very reasonable cost. While the $1 to $2 price tag may be too much for chinese companies that sell cheap gadgets at ultra low prices (and thus it makes a lot of sense for them to come up with their own solution), it rarely is a problem for a western company designing products with a decent margin.

Now sure, there is this "recent" trend that almost any IC has become potentially unobtainium, and you need to find alternative solutions. But then that's a situation that is completely "new" and requires some creativity. Whether one will cross the line of ethics to make it (such as *knowingly* buying counterfeits) is a serious, but non-technical question.

Food for thought: consider all those various displays, mall kiosks, airport announcing screens, etc. you've likely seen with prominent BSoDs draped across them.  Well, those are all custom hardware, right?  Well, one would hope, they're just VGA/DVI/HDMI compatible and that's that, enumerates as generic display, no big deal; but that's hard, too (e.g. needs HDMI decoder?).  Maybe it's easier to build those with custom hardware.  Maybe it's just a memory mapped framebuffer, super easy, but it still needs driver support.  And software is always buggy, most especially the low quantity stuff, like for supporting a few thousand displays like this.  Or, even if they aren't using custom adapter hardware, the computers may be SBCs with poorly supported peripherals or such, and something else onboard is making it unstable.

So yeah, it reflects poorly on MS, everyone gets to see their most famous error screen and have a laugh ha ha.  Well, to their credit, consider the sheer diversity of hardware they've supported over the decades, it's a testament to their core kernel team, their testing and support, that so many things Just Work(TM) as well as they do.


Even just among consumer equipment, the worst I've used was an, I think, ATI Radeon 4250HD or something like that; onboard graphics, lackluster performance anyway, as onboard graphics are wont to be.  But the most jarring thing was, on exit from a full-screen 3D application, the desktop repaints, alright fine, not enough framebuffer to hold onto that, and then it's normal... for about 15 seconds, then suddenly BLACK, big redraw, CPU chugging, and only then it's done and back to normal.  Almost like they didn't have a solution to ship, fuck it, reboot the whole goddamned driver/adapter to get it back to a clean [2D desktop] state.  I don't think I had BSoDs on that one, but who knows, maybe they made it do that to avoid worse.  Can't say I've had anything else do that, at least not in over a decade, and that was worth a few bucks.  (I do recall some early-ish graphics cards that, I don't remember what the circumstance was, maybe the application crashing, maybe tabbing out, maybe closing normally, maybe resizing the desktop, I don't know -- but under some circumstances I might return to desktop and a bunch of past framebuffer contents would show up around the edges, before the desktop finished repainting.  Sometimes including frames of videos I'd watcher earlier, with corrupted colors, or noisy or blocky-garbled appearance.  Which would be interesting, but was also a bit chilling, considering what kinds of videos a teenaged boy might've been watching on the internet... )

Which goes to show you, even within one corporation, you shouldn't expect consistency -- demand it, certainly, but don't be surprised when you don't get it.  Another example, I strongly sense the same about the quality of TI products.

Tim

[peter-h]

I haven't read the whole thread but basically FTDI established themselves as the only vendor with any support, and a quality product, years back before they vanished from the West and became just a Taiwanese outfit. They had a place in Scotland where their support was and it was really good.

At the time, Prolific were completely useless and AFAICT they still are, but are clearly much cheaper than FTDI; probably 1/5 of the price in volume. I make a number of products with the FT232 and they just work everywhere and keep working.

Unfortunately FTDI have jumped on the same profiteering bandwagon as most others and have stopped shipping unless you pay (via the UK disti, this is) a hefty 30% uplift. So obviously I am hoping that this shortage bubble explodes ASAP and we have a really deep bloodbath, just like always happened after a bubble in this crazy business (74HC245, going from 25p to £2.50 and back to 25p).

[ozcar]

I haven't read the whole thread but basically FTDI established themselves as the only vendor with any support, and a quality product, years back before they vanished from the West and became just a Taiwanese outfit. They had a place in Scotland where their support was and it was really good.

I thought FTDI still had a presence in sunny Glasgow?

I haven't read the whole thread either, but the starting point appears to be that Prolific have (recently??) decided to follow FTDI's lead. Perhaps Prolific did of late improve their ability to detect fakes, and perhaps also altered somewhat how the driver responds, but this thread, from way before the FTDIgate time suggests Prolific may have been the pioneers: https://eevblog.com/forum/reviews/note-how-to-not-get-scammed-with-prolific-(pl2303)-usb-serial-adapters/ .

 

[langwadt]

I haven't read the whole thread but basically FTDI established themselves as the only vendor with any support, and a quality product, years back before they vanished from the West and became just a Taiwanese outfit. They had a place in Scotland where their support was and it was really good.

I thought FTDI still had a presence in sunny Glasgow?

I haven't read the whole thread either, but the starting point appears to be that Prolific have (recently??) decided to follow FTDI's lead. Perhaps Prolific did of late improve their ability to detect fakes, and perhaps also altered somewhat how the driver responds, but this thread, from way before the FTDIgate time suggests Prolific may have been the pioneers: https://eevblog.com/forum/reviews/note-how-to-not-get-scammed-with-prolific-(pl2303)-usb-serial-adapters/ .

afair Prolific did something so the numerous fakes stopped working, so buying Prolific was like a lottery ticket and everyone started buying FTDI because they always "just worked". Then FTDI decided that, just like Prolific, making all your potential costumers doubt if something with FTDI written on it would actually work (real or fake, how can you be sure), would be a great idea

[ve7xen]

Wait, I think I got it now...
A trade mark infringement causes the rights holder to suffer a monetary loss, where 'loss' is defined within the Theft Act. But the Theft Act itself is not contravened, because the loss/gain transfer is not a direct transfer of monies from one party to the other. Thus, it is fraud, not a direct theft. So, a conviction under the Trade Mark Act infers guilt of fraud, and not of theft. Have I got that right? My overly broad interpretation of theft and the definition of loss/gain being within the Theft Act got me confused.

It's not necessarily fraud either. I suppose it could be in very specific circumstances, and it's much closer than calling it theft, but trademark - and patent, and copyright - are separate things for a reason: because they are not well covered by other laws, or we'd have just used those from the start. What makes a theft a theft is that you are depriving the original owner of their asset / property, which is never the case in an IP infringement, and especially not in the case of trademark.

The IP infringement was intended to deprive the rights holder of revenue. Permanently, they weren't intending to return it, were they? So I don't see how that supports your argument. Perhaps 'property' doesn't technically include monies, IDK.

Speculation about potential lost revenue is not remotely the same thing as depriving someone of their concrete asset or property. Of course property includes money, but we're not talking about money, we're talking about potential revenues. It's hard to estimate how much potential revenue may have been lost, if any - it's not necessarily zero-sum here. Trademark infringement also doesn't depend on revenue; it's still an infringement whether there's a projected loss of revenue or not. Hell, it could be an infringement even if there's a gain as a result. What matters is that there is intent to create a gain for yourself or harm another, whether or not you achieved it, and whether or not your gain represents a corresponding loss to the trademark holder. For example I'm pretty sure Disney doesn't lose any revenue when daycares paint their characters in the classrooms, but they're entitled to go after them anyway since they are gaining from the infringement.

My argument is that the copy protection mechanism is the _custom_ silicon itself and functionality thereof. That took investment to overcome and re-implement, as it would for any hardware USB dongle. How high is the bar for establishing a protection mechanism anyway? It's not a requirement to include encryption, is it? Anyhow, while the trademark infringement is an undisputed fact, I'm sure lawyers would love to argue over a copyright infringement for a few days. Legal cases have been won and lost on such dubious points and technicalities.

Basically it needs to be intended specifically to be a copy protection, and 'effective', which is far too weak a requirement in my opinion, but even that weak requirement is not met here. It's very clear that the FTDI chip is not a copy protection mechanism for the driver - the driver is fundamentally useless without it, and no functionality in the chip is intended to protect the copyright of the driver. You're right that the lawyers would probably love to fight this, and at least in the US where IP protection judgments have gotten pretty incredulously stupid in the past decade, it's still going to be a steep uphill battle and is clearly outside the intent of the law.

That would suggest you can legally use counterfeit ICs as long as you make the system complex enough.

Yes, that's the point. Again, the point of trademark is to protect consumers from being confused or deceived about the product. If I'm buying a 3D printer or whatever, I'm not being deceived by the markings on the cloned FTDI IC that is buried inside the printer, and no claims about its authenticity or brand are made. That trademark was infringed by the IC manufacturer, and they are the ones culpable, not the 3D printer manufacturer that included an infringing product as a small element of the product. I believe you'd have to show that Prusa or whoever's complete product itself was infringing, which would be difficult. At least that is my interpretation, there is definitely a grey area here, but it doesn't seem reasonable and proportionate that an arbitrarily complex product that doesn't even use the protected mark in a meaningful way, where the 'infringement' is on a $0.50 component of a $2000 system makes the whole thing infringing and subject to seizure and sanction. Especially given the intent of the law.

Because stubborn. And its much much cheaper to hangout here than in TEA thread.

Agreed!

[Bicurico]

Some years ago, in the satellite TV community (= the ones that like to open PayTV without a subscription), the "Dreambox" brand was very popular.

This was the brand that further developed the Enigma/Enigma2 firmware, basically a Linux based platform for TV receivers, which allowed the installation of plugins and scripts.

Because Enigma/Enigma2 were open source, a huge community developed with alternative firmware distributions and, soon enough, other competing receiver manufacturer offered their own Enigma/Enigma2 based receivers. The trademark for "Enigma2" ended up being patented/registered by Dream Multimedia (the manufacturer of the Dreambox models). Competitors had to refer to E2 instead of Enigma2.

So far, all OK and legal.

But shortly, when Dream Multi Media launched their DM500S receiver, chinese clones started to appear: they looked 100% the same (even with the logo) and naturally used the same FW.

The same happend for some other good enough E2 receivers.

This led Dream Multimedia to develop new models of their receiver with dongles (!). The bootloader would verify the presence of the dongle and if it was not present, it would wipe the flash. This was a huge issue, because many people ended up with having a brick in their living room, after updating the FW. Many did not even understand they had a clone.

Then newer clones appeared with a hacked dongle!

And from there on, it was a cat and mouse game.

Why am I writing this? Because this discussion reminded me of it and to leave the note that it is really difficult to protect against clones. If you think you can build a clever routine that can distinguish a clone from the original, think again and don't underestimate the people behind clones. They will clone the protection mechanism, too.

Regarding Prolific: I have some devices that use cloned IC's. All I have to do is to install an old driver.

But yes, it sucks sitting on a device 100x more expensive than the Prolific IC and not being able to use it until an old driver is found and Windows convinced to accept the unsigned driver.

Cheers,
Vitor

[peter-h]

FTDI was the only product which had an external EEPROM for storing unique IDs, so you could make a USB VCP product which could be plugged into any USB port on a given PC (even on a hub) and it always came up on the same COM port number. Now, FTDI have a version which has an internal EEPROM instead.

Whereas Prolific (PL2303) would be a different COM port each time which was a total nightmare for customer support, plus a hassle for any system which you set up and hoped it would just keep working. Prolific were just the typical chinese company, sell them cheap and to hell with support.

FTDI may still have a tech office in Scotland but there is no "power" there.

[madires]

The PL2303's EEPROM stores VID and PID, but no serial number. If you attach multiple PL2303s with the same VID/PID pair the OS can't assign fixed ports because all devices look the same. As a manufacturer/vendor you could (should?) program your own VID/PID pair and provide an adapted driver to mitigate this issue. However, If the user connects two or more of your devices the fun starts again. Most of the vendors using a PL2303 go for the cheap solution, i.e. Prolific's VID/PID pair and no dedicated driver.

PS: Some OSs support tying serial ports to adapters based on the USB port.

[Karel]

From this page: https://ftdichip.com/careers/ it looks like FTDI moved from the UK to Singapore...

[peter-h]

provide an adapted driver to mitigate this issue

That is useless, since one wants to use either FTDI's driver or, in "modern" times, the one which win7+ downloads automatically.

looks like FTDI moved from the UK to Singapore...

Most likely, some years ago, and focusing on high volume OEMs. There is a UK disti but they have very little power.

It's a very unsatisfactory situation, but then everything is right now, and when the bubble bursts and the bloodbath starts, they will be all over us to sell us chips... same old story.

Best we can do is design-out all the really nasty firms (start with Maxim) and keep a lot of stock of crucial parts.

[SiliconWizard]

From this page: https://ftdichip.com/careers/ it looks like FTDI moved from the UK to Singapore...

That sucks.
treez would probably have a word or two to say about this, although he tends to focus on power supplies.
But we can wonder if there's any hope of still having any semiconductor industry in Europe by the next decade.
The big "switch" will be when STM gets bought by some asian company.

[nctnico]

From this page: https://ftdichip.com/careers/ it looks like FTDI moved from the UK to Singapore...

That sucks.
treez would probably have a word or two to say about this, although he tends to focus on power supplies.
But we can wonder if there's any hope of still having any semiconductor industry in Europe by the next decade.
The big "switch" will be when STM gets bought by some asian company.

Besides ST there is also NXP and Infineon.

[boyddotee]

Perhaps I miss something but why can't a normal user or small business write their own driver for Windows ?
What is the hurdle ?
Perhaps a warning that it is not MS tested and signed just as with your own programm and installer, and it is your resposibility but I really hate that after removing the parallel port and rs232 ports now the new standard ports as USB are blocked.

It's near impossible these day on Windows at least to install a not correctly signed driver, certainly not something you could expect a end user to do.

It requires restarting windows into a special developer mode in recent version of win 10. Signing a driver is also relatively expensive which creates the hurdle for the small.

[SiliconWizard]

Perhaps I miss something but why can't a normal user or small business write their own driver for Windows ?
What is the hurdle ?
Perhaps a warning that it is not MS tested and signed just as with your own programm and installer, and it is your resposibility but I really hate that after removing the parallel port and rs232 ports now the new standard ports as USB are blocked.

It's near impossible these day on Windows at least to install a not correctly signed driver, certainly not something you could expect a end user to do.

It requires restarting windows into a special developer mode in recent version of win 10. Signing a driver is also relatively expensive which creates the hurdle for the small.

Yeah.

Note that in Windows, using an existing class such as HID, CDC, ... not requiring a custom driver doesn't solve the issue completely.
There's still an annoying Windows behavior that comes from its legacy: the device name in the "device manager" comes from the .INF file and not from the strings in the USB descriptors. So if you don't provide a custom .INF file for your device, you'll get a generic name in the device manager, which makes identifying your device for users much harder (and thus makes tech support much harder too.)

Now devices in Windows are listed in various ways depending on the version with some inconsistency. For instance, in Win 7, in the "devices and printers" window, USB devices are identified from the USB descriptors... so that's good. But in the "device manager", devices are identified from the info found in .INF files. Nice.

Oh and, if you provide a custom .INF file for your device, even if it links your device to base generic driver, then it will make the whole thing not signed IIRC.