And DMCA Since when is DMCA applicable to a company in Scotland (UK) and laws broken e.g. in France, Germany or Netherlands?
Quote"A month ago, we did an update to our driver, and a side effect is that counterfeit devices are putting themselves into a noncompatible state," Gordon Lunn, global customer engineer support manager at FTDI, told us. "The same API calls go out to all devices, whether genuine or nongenuine. The fake ones are not as compatible as you would expect.Trying to imply that it wasn't deliberate..QuoteHowever, the company has specifically said there is no "fake detection" algorithm in the driver.
Again, Twisting the truth to imply something other than their intentionQuoteThere is also a potential security issue (which we highlighted last month) with microcontroller-based USB devices being reprogrammed with malware. "Our understanding is we think they are microcontroller based, so they are potentially more vulnerable," Lunn said. "You can't change what a genuine device actually does."trying to spread FUD
There being no alternative driver with any ID is a clear admission that the device was always dead.Is there any chance I can convince you to say "the device was always unsupported"?
To say "it was always dead", even though users had clearly been using them for many years, is absurd (if a bit Michelangeloic). That's like suggesting that, upon its confiscation due to it having been stolen, a car that you've been driving around in for 15 years never actually moved a millimeter.
If you could convince other people not to keep saying the FTDI drivers killed, bricked, damaged, rendered inoperable, etc the device?
The devices were on life support provided by the illegal use of FTDI drivers, FTDI figured out how to and turned off the switch. I believe it was within their rights to do so. No one is stopping you resurrecting the corpses by writing some other drivers or using the legal ones on Linux.
The Dutch criminal law says 2 years in jail or a 20k euro fine if you render something which isn't yours useless:
http://wetten.overheid.nl/BWBR0001854/volledig/geldigheidsdatum_29-10-2014#TweedeBoek_TitelXXVII_Artikel350
Well if you want to press on with bullshit legal arguments I'll raise you with the DMCA. The VID and PID of a USB device could reasonably be considered to be an access control method for drivers which may be copyrighted.
Anyone using a non-genuine FTDI USB device with VID and PID causing access to copyrighted FTDI drivers without licence would be guilty of circumventing access controls and people selling such USB devices guilty of trafficking circumvention tools.
Hi Rufus,
The VID/PID is only part of an "open" hardware interface, and it is actually the operating system that "decides" [through whatever mechanism, and VID/PID is only one of those available mechanisms] to "attach" a specific driver to a USB device. So, in this case, the criterion for a violation of the DMCA is not met.
The FTDI clone companies are simply creating a "works like" compatible device, and nothing had to be "hacked" to make that happen, and everything needed to do it is in the public domain.
Now, if one of those clone companies try to pass their chips off as genuine FTDI, well that is illegal, and there are proper legal remedies for that-- none of which involves distributing illegal malware to damage innocent end-user's equipment [which is a *crime* BTW].
Regards,
Ken
There being no alternative driver with any ID is a clear admission that the device was always dead.Is there any chance I can convince you to say "the device was always unsupported"?
To say "it was always dead", even though users had clearly been using them for many years, is absurd (if a bit Michelangeloic). That's like suggesting that, upon its confiscation due to it having been stolen, a car that you've been driving around in for 15 years never actually moved a millimeter.
If you could convince other people not to keep saying the FTDI drivers killed, bricked, damaged, rendered inoperable, etc the device?
The devices were on life support provided by the illegal use of FTDI drivers, FTDI figured out how to and turned off the switch. I believe it was within their rights to do so. No one is stopping you resurrecting the corpses by writing some other drivers or using the legal ones on Linux.
The use wasn't illegal. Most people had the drivers installed automatically without being shown the EULA (in fact it was buried in an INF file somewhere) or knowing about the terms attached to the drivers. Clearly you can't break a contract that you haven't agreed to and haven't seen. Even if it is shown, whether the EULA is legally binding is questionable.
Whether FTDI could be prosecuted for what they did depends on whether evidence could be found showing they did it intentionally.
This is all a smoke screen to keep you off of the most important aspect of this case, and that is that *someone* inside of FTDI gave the order to write and distribute ILLEGAL MALWARE to damage [otherwise] innocent end-users products.
Windows* 2014-09-29
2.12.00 WHQL Certified
Available as setup executable
static int __init ftdi_init (void)
{
int retval;
dbg("%s", __FUNCTION__);
if (vendor > 0 && product > 0) {
/* Add user specified VID/PID to reserved element of table. */
int i;
for (i = 0; id_table_combined[i].idVendor; i++)
;
id_table_combined[i].match_flags = USB_DEVICE_ID_MATCH_DEVICE;
id_table_combined[i].idVendor = vendor;
id_table_combined[i].idProduct = product;
}
retval = usb_serial_register(&ftdi_sio_device);
if (retval)
goto failed_sio_register;
retval = usb_register(&ftdi_driver);
if (retval)
goto failed_usb_register;
info(DRIVER_VERSION ":" DRIVER_DESC);
return 0;
failed_usb_register:
usb_serial_deregister(&ftdi_sio_device);
failed_sio_register:
return retval;
}
if (vendor > 0 && product > 0) {
/* Add user specified VID/PID to reserved element of table. */
int i;
for (i = 0; id_table_combined.idVendor; i++)
;
id_table_combined.match_flags = USB_DEVICE_ID_MATCH_DEVICE;
id_table_combined.idVendor = vendor;
id_table_combined.idProduct = product;
}
I doubt it was tested in courts but many EULAs also say you automatically agree by using the software/service and if you don't agree then remove/return/disable the software/service to disagree to the terms. (Most websites tuck away the pages of legal stuff in another link how many people click on those links, same goes for tucking it into the inf no one reads the stuff and they are all "automatically" agreeing through use)
I doubt it was tested in courts but many EULAs also say you automatically agree by using the software/service and if you don't agree then remove/return/disable the software/service to disagree to the terms. (Most websites tuck away the pages of legal stuff in another link how many people click on those links, same goes for tucking it into the inf no one reads the stuff and they are all "automatically" agreeing through use)
I doubt it was tested in courts but many EULAs also say you automatically agree by using the software/service and if you don't agree then remove/return/disable the software/service to disagree to the terms. (Most websites tuck away the pages of legal stuff in another link how many people click on those links, same goes for tucking it into the inf no one reads the stuff and they are all "automatically" agreeing through use)http://en.wikipedia.org/wiki/Specht_v._Netscape_Communications_Corp.
IIRC the situation is similar in the EU (FTDI are based in Scotland)
Whether FTDI could be prosecuted for what they did depends on whether evidence could be found showing they did it intentionally.
I doubt it was tested in courts but many EULAs also say you automatically agree by using the software/service and if you don't agree then remove/return/disable the software/service to disagree to the terms. (Most websites tuck away the pages of legal stuff in another link how many people click on those links, same goes for tucking it into the inf no one reads the stuff and they are all "automatically" agreeing through use)Those kind of EULAs are null & void in the EU. Yes they have been tested in court. In the EU you have to agree to the terms before buying a product. Not upon opening or installing the product.
I think that there is enough evidence to show that FTDI did this intentionally, and with some forensic software people looking at their code [and supported with depositions, etc.], I think that fact can be proven beyond a reasonable doubt.
What FTDI *should* have done, is simply detect that a non-FDTI device was connected, and then send a message to the system-event log in Windows to log the problem, then disable the device in Device Manager [through an API call]. That way, the experience that the end-user would have is that the non-FTDI device would simply stop working on a Windows based machine. If they wanted to dig deeper [or an IT person could dig deeper], they would find the exception in the system event log, which would clearly say that the FTDI driver found a non-FTDI device and is refusing to work with it. FTDI owns the driver, so this would be a perfectly legitimate thing to do.
But, did they do that? Nope. They decided to commit a crime instead.
Instead of doing the *Right* thing, they made a conscious decision to order their people to write some illegal malware [illegal in the USA and many western nations, and in some nations it is treated as terrorism] to "hack" the actual hardware, and damage it in a way where it would not work [even in Linux]. AND they did this without knowing if the device they were damaging was a legitimate clone, or an illegal counterfeit part-- [which is mostly irrelevant-- it is still a crime as it is not their hardware and they don't have permission from the owner to damage it].
So, once again, I see postings from forum users that initiated their account here on this forum a day or so after this "problem" became a PR issue. These forum users have only commented in this thread and have no other postings in any other thread. AND they "say" that-- "Oh no, we are not a paid shill for FTDI! How could you say such a thing!". Also, by the shear number of times the word "fake" is used in their postings, it leads me to believe that they are getting paid based on the number of times they use the word "fake"...
As for Rufus, I have seen his postings in the past, and he seems to be a competent engineer that likes to stir the shit just for fun. Nothing wrong with that I guess. Although, I think he [as an engineer] should show a little bit more solidarity on this issue, because it really is an important one that will have consequences for FTDI and maybe other companies in the future that attempt to do the same thing.
So, what so you day Rufus? How about you pull your head out of FTDI's ass, and come over to *our* side?
Hmm, if they claim the fakes have micro-controller based chips shouldn't it be possible to fuzz them to check for any bootloaders that would allow for re-programming. More intensively you would have to de-lid the chip to access the not accessible programming pins which would put it right into the FUD territory.
The fundamental difference is the car engine requires physical repair the fake chip does not. Rebut that please.
The fundamental difference is the car engine requires physical repair the fake chip does not. Rebut that please.
If you have a car that requires repair, you need a mechanic.
If you have a chip that needs to be reprogrammed, you need an engineer/knowledgeable person in that area.
These both have a cost if you are not already a mechanic or engineer yourself. And even then, your time is valuable, and you are wasting it on an issue that did not exist but for the fact someone maliciously made it so that your car/device would not work for you as you expected.
What you fail to understand repeatedly, is that it does not have to be broken beyond repair for it to be an issue.
It still requires remedy, and this has a cost, whoever you are.
I have a toyota, and if I put a non-toyota part in my car, and toyota sent someone in the dead of night to interfere with the car so that it would not run, because I had the non-toyota part, I would have a pretty obvious cause for complaint. You can't just interfere with people's property (yes even though it is fake, it is still their property) because you feel an injustice has been done. That's the bottom line, there is nowhere to go with the argument after this.
Unless you like doing logical loop-the-loops. Which I await with baited breath.
The fundamental difference is the car engine requires physical repair the fake chip does not. Rebut that please.
If you have a car that requires repair, you need a mechanic.
If you have a chip that needs to be reprogrammed, you need an engineer/knowledgeable person in that area.
These both have a cost if you are not already a mechanic or engineer yourself. And even then, your time is valuable, and you are wasting it on an issue that did not exist but for the fact someone maliciously made it so that your car/device would not work for you as you expected.
What you fail to understand repeatedly, is that it does not have to be broken beyond repair for it to be an issue.
It still requires remedy, and this has a cost, whoever you are.
I have a toyota, and if I put a non-toyota part in my car, and toyota sent someone in the dead of night to interfere with the car so that it would not run, because I had the non-toyota part, I would have a pretty obvious cause for complaint. You can't just interfere with people's property (yes even though it is fake, it is still their property) because you feel an injustice has been done. That's the bottom line, there is nowhere to go with the argument after this.
Unless you like doing logical loop-the-loops. Which I await with baited breath.
The fundamental difference is the car engine requires physical repair the fake chip does not. Rebut that please.
If you have a car that requires repair, you need a mechanic.
If you have a chip that needs to be reprogrammed, you need an engineer/knowledgeable person in that area.
These both have a cost if you are not already a mechanic or engineer yourself. And even then, your time is valuable, and you are wasting it on an issue that did not exist but for the fact someone maliciously made it so that your car/device would not work for you as you expected.
What you fail to understand repeatedly, is that it does not have to be broken beyond repair for it to be an issue.
It still requires remedy, and this has a cost, whoever you are.
I have a toyota, and if I put a non-toyota part in my car, and toyota sent someone in the dead of night to interfere with the car so that it would not run, because I had the non-toyota part, I would have a pretty obvious cause for complaint. You can't just interfere with people's property (yes even though it is fake, it is still their property) because you feel an injustice has been done. That's the bottom line, there is nowhere to go with the argument after this.
Unless you like doing logical loop-the-loops. Which I await with baited breath.
Someone else gets it.
I actually just got a response from FTDI Chip. They're working on a "detection" tool which will be released "soon" so we can have EOL testing for legit parts. It's something, at least!
I doubt it was tested in courts but many EULAs also say you automatically agree by using the software/service and if you don't agree then remove/return/disable the software/service to disagree to the terms. (Most websites tuck away the pages of legal stuff in another link how many people click on those links, same goes for tucking it into the inf no one reads the stuff and they are all "automatically" agreeing through use)
The facts make your statement flawed. So instead of attempting to counter my statements you just keep saying the same thing that the device is physically dead when it isn't.
From the user perspective the device is fake the internet made that so abundantly clear. (Literally simple fact is the fake device is not broken)
A better example would be ....
If you like simple questions then:
Is the device (Fake chip) physically damaged?
If the end user plugs in the device, does it operate as they expect or as intended? Yes, or no?
No, it does not operate as the user expects...
Is there any chance I can convince you to say "the device was always unsupported"?
To say "it was always dead", even though users had clearly been using them for many years, is absurd (if a bit Michelangeloic). That's like suggesting that, upon its confiscation due to it having been stolen, a car that you've been driving around in for 15 years never actually moved a millimeter.
If you could convince other people not to keep saying the FTDI drivers killed, bricked, damaged, rendered inoperable, etc the device?
I think that there is enough evidence to show that FTDI did this intentionally, and with some forensic software people looking at their code [and supported with depositions, etc.], I think that fact can be proven beyond a reasonable doubt.
What FTDI *should* have done, is simply detect that a non-FDTI device was connected, and then send a message to the system-event log in Windows to log the problem, then disable the device in Device Manager [through an API call]. That way, the experience that the end-user would have is that the non-FTDI device would simply stop working on a Windows based machine. If they wanted to dig deeper [or an IT person could dig deeper], they would find the exception in the system event log, which would clearly say that the FTDI driver found a non-FTDI device and is refusing to work with it. FTDI owns the driver, so this would be a perfectly legitimate thing to do.
But, did they do that? Nope. They decided to commit a crime instead.
Instead of doing the *Right* thing, they made a conscious decision to order their people to write some illegal malware [illegal in the USA and many western nations, and in some nations it is treated as terrorism] to "hack" the actual hardware, and damage it in a way where it would not work [even in Linux]. AND they did this without knowing if the device they were damaging was a legitimate clone, or an illegal counterfeit part-- [which is mostly irrelevant-- it is still a crime as it is not their hardware and they don't have permission from the owner to damage it].
So, once again, I see postings from forum users that initiated their account here on this forum a day or so after this "problem" became a PR issue. These forum users have only commented in this thread and have no other postings in any other thread. AND they "say" that-- "Oh no, we are not a paid shill for FTDI! How could you say such a thing!". Also, by the shear number of times the word "fake" is used in their postings, it leads me to believe that they are getting paid based on the number of times they use the word "fake"...
As for Rufus, I have seen his postings in the past, and he seems to be a competent engineer that likes to stir the shit just for fun. Nothing wrong with that I guess. Although, I think he [as an engineer] should show a little bit more solidarity on this issue, because it really is an important one that will have consequences for FTDI and maybe other companies in the future that attempt to do the same thing.
So, what so you day Rufus? How about you pull your head out of FTDI's ass, and come over to *our* side?
Microsoft has terms that people agreed to before buying or during install (wait a second, please refer the EU case that install/run time EULAs are void that makes no sense what happens if you don't buy something and they display a must read prompt that makes zero sense) which covers Microsoft services and if you don't like automatic updates and automatic terms then you should disable it. (Which is easy to do and it gives you the choice right directly as well)
The VID/PID is used to match up trademarked and proprietary software and forms a very easy to bypass digital lock of sorts.
I doubt it was tested in courts but many EULAs also say you automatically agree by using the software/service and if you don't agree then remove/return/disable the software/service to disagree to the terms. (Most websites tuck away the pages of legal stuff in another link how many people click on those links, same goes for tucking it into the inf no one reads the stuff and they are all "automatically" agreeing through use)
LOL. Are you for real? OK, let's see.
By reading this post you automatically agree to my EULA. Which, among other things, stipulates that you have to pay me 50$ within 7 days of reading this post. Please contact me by PM to give you details about how the payment can be made.
And you are wrong. It has been tested in courts (although i am only aware of Germany/EU rulings, obviously). Shrink-wrap licenses have absolutely no legal power. None at all. The customer needs to be made aware of the terms and conditions of any such agreement _beforehand_. Then there is all that meeting-of-minds stuff.
Really, you are grasping at straws. In the meantime, i'll await your PM so i can give you the payment details.
Greetings,
Chris
Microsoft has terms that people agreed to before buying or during install (wait a second, please refer the EU case that install/run time EULAs are void that makes no sense what happens if you don't buy something and they display a must read prompt that makes zero sense) which covers Microsoft services and if you don't like automatic updates and automatic terms then you should disable it. (Which is easy to do and it gives you the choice right directly as well)
What a load of bullshit. Microsoft and FTDI are two entirely separate entities. Agreeing to terms from Microsoft can in no way mean to automatically agree to any terms that a third party may come up with in the future, let alone with any third party terms that the customer has never been shown.
Like, i have a contract with my landloard to rent the place i am in. That does not mean that i have to blindly agree to any terms that, for example, the electricity company makes to supply me with electricity in said place. It doesn't matter at all what terms and conditions have been agreed to between the user and Microsoft, as far as third party stuff is concerned. Those terms only apply between MS and the customer, and no one else.
Of course, MS could say "well, yes, we adopt FTDI's terms now, and thus they are ours as well". But in that case the user has to be notified of that fact, and still shown those terms.
Greetings,
Chris