back to article Chip company FTDI accused of bricking counterfeits again

Semiconductor company Future Technology Devices International (FTDI), which in 2014 was caught out bricking products built using knock-off chips, has again been accused of fooling around with device drivers. Back in October 2014, the company shipped a device driver that checked the authenticity of USB chips claiming to be FTDI …

  1. Paul Crawford Silver badge

    Linux?

    Is this happening to the Linux drivers (if any) and if so is the code change visible? Makes me glad not to depend upon closed source drivers for most things [*]

    However they may feel about rip-off chips, the act of potentially damaging equipment by deliberate actions is one they should be spanked by the courts for. The only honest option, if they must do anything, is simply to put up a warning that the device is counterfeit and to stop using it without fake data and without difficult-to-reverse actions on the hardware.

    [*] except video, where crappy driver issues are the norm on both Windows and Linux :(

    1. Flocke Kroes Silver badge

      Re: Linux?

      A patch was proposed as a joke get the driver in the Linux kernel sources to match the behaviour of the FTDI driver. That patch was not included, but a patch to detect and use bricked chips was included.

      FTDI distribute binary drivers for Linux. If somebody actually uses those drivers and got burned it did not cause headline news on the internet.

      The license for the FTDI driver includes a clause saying the user gives permission for the driver to break counterfeit chips. IANAL, so I do not know if it proects them from the computer fraud and abuse act. (Note to Windows users: read the EULA. If it is 5000 pages long, you can be certain 4900 or those pages are there to hide something you will regret later.)

      Last time alternative actions FTDI could have taken were proposed that did not take reality into account. FTDI chips keep there USB product ID in a mask ROM. The counterfeits keep them in EEPROM. To spot the difference, you have to command the chip to write to the EEPROM. This does nothing to the genuine chip, but EEPROM can only survive a limited number of erase/write cycles. At this point, you have to decide what to do. You could write FTDI's numbers back again, and after about half a million reboots the EEPROM will not be capable of storing some product IDs. You could leave a predictable number in there, and the device will work with the open source Linux driver. The new plan appears to be to leave a random number behind. What Windows (or Linux) will do next will depend on if the new numbers match a device known to the operating system.

      1. Anonymous Coward
        Anonymous Coward

        Re: Linux?

        >FTDI chips keep there USB product ID in a mask ROM.

        No it's not. You can change it even on real devices.

        The way they are detecting fakes is by doing a write to EEPROM with a width that the real devices ignore. If the data on the EEPROM changes they know it's not a real part because the real part would have ignored it.

        1. Flocke Kroes Silver badge

          Re: width the real devices ignore

          Thanks - I should have done a bit more fact checking. I did not realise that the fake was so different from the genuine part. Full details are here.

    2. Christian Berger

      There are safeguards against malware

      Free software typically has safeguards against malware so such malware wouldn't make it into the official kernel.

      Unfortunately free software projects have now become so huge, it's getting hard to leave out the parts you don't like.

    3. bombastic bob Silver badge

      Re: Linux?

      I believe that FreeBSD has an open source FTDI USB driver, and because of that, it should be possible to port it to other operating systems. Perhaps THAT is part of the solution?

      This also opens up the need for a generic USERLAND 'libusb' equivalent for Windows... in fact, how about USERLAND DRIVERS for all KINDS of things that FreeBSD and Linux both have (like Fuse FS, for starters), but in Windows, so we don't have to rely on *SIGNED* kernel drivers any more...

      1. Anonymous Coward
        Anonymous Coward

        Re: Linux?

        That's not recommended for performance-intensive drivers because to get high performance, particularly with a memory map (which is always to the kernel half of the memory), you need to play close to the metal.

        1. Crazy Operations Guy

          Re: "That's not recommended for performance-intensive drivers"

          Its RS-232, I'd hardly call 192 kbps 'high-performance'.

          1. the spectacularly refined chap

            Re: "That's not recommended for performance-intensive drivers"

            Its RS-232, I'd hardly call 192 kbps 'high-performance'.

            Bandwidth != performance. The other half of the measure is latency and RS-232 wins hands down.

          2. Suricou Raven

            Re: "That's not recommended for performance-intensive drivers"

            It's actually just serial logic data. It's not RS232. It does have the right timing for RS232, but not the right voltage levels. If you want that you need another chip that does the level conversion.

      2. Ken Hagan Gold badge

        Re: Linux?

        "a generic USERLAND 'libusb' equivalent for Windows"

        Sounds a bit like WinUSB, which has existed for about a decade, but the story specifically for USB/RS232 devices is even more interesting. There's an official way to do RS232 over USB which non-Windows platforms have supported for ages and which Win10 now finally supports out of the box. So, if that's what you are using your FTDI chips for, then on Win10 you won't actually be using FTDI's drivers.

        On older versions of Windows, of course, you are a bit stuck and nobbling the end-user's hardware when the counterfeiting offence was probably committed *way* up the manufacturing chain strikes me as very unfair on end-users. Fortunately, taking the law into your own hands like this is almost certainly contrary to computer mis-use laws and courts would in any case take a dim view of a vendor declaring themselves to be judge and jury like this.

        Apologies for the long post, but the list of things that are wrong about this story is just boggling.

  2. Richard 12 Silver badge

    Goodbye FTDI

    Sorry, but I can't trust a company willing to deliberately sabotage - there are better ways to deal with counterfeit chips.

    We won't be using FTDI silicon ever again.

    1. ckm5

      Re: Goodbye FTDI

      This is exactly what I have done since the first incident - proactively avoided anything with an FTDI chip in it. I've also advised all the vendors I deal with that we will not accept any new hardware with an FTDI chip in it.

      The risk is just too high and counterfeits are all over the supply chain, even in heavily controlled sourcing. Imagine the liability if a counterfeit got into a medical device and FTDI's driver f*ckups killed somebody. Sorry to say, but hopefully FTDI will be out of business before that happens.....

      It's a shame really as FTDI has been the defacto standard for USB-to-serial for decades, way to destroy your business.

      1. Anonymous Coward
        Anonymous Coward

        Re: Goodbye FTDI

        >proactively avoided anything with an FTDI chip in it.

        So you avoid all of the dev kits with FTDI chips as the JTAG interface.. like 90% of them because no other vendor makes a chip like that.

        >The risk is just too high and counterfeits are all over the supply chain,

        >even in heavily controlled sourcing.

        If you source from Digikey etc you should be OK. I suspect most of the people that are getting stuff bricked are using parts sourced from Random/Cheapest Parts Dealer in China.

        >Imagine the liability if a counterfeit got into a medical device

        >and FTDI's driver f*ckups killed somebody.

        What if the counterfeit part dies without FTDI's driver fucking it up? Surely a system that is running critical life support services A: uses only parts that can be traced back to the original vendor, B: Doesn't use Windows or is at least fault tolerant enough that it doesn't rely on Windows being remotely stable. C: Doesn't go updating critical drivers while it's doing a critical life support task?

        Have you considered that potentially counterfeits might be busted by the official driver even if it doesn't intentionally try to break them because they aren't 100% compatible?

        >Sorry to say, but hopefully FTDI will be out of business before that happens.....

        I doubt that will happen. They don't just make this chip and whatever issues you have with their drivers the alternatives don't exist or aren't as good. If you just want a decent USB->Serial chip the Silabs CP2102 is good but if you want a high speed multiprotocol chip like the FT2322 you have less choice.

        >It's a shame really as FTDI has been the defacto standard for USB-to-serial for decades,

        >way to destroy your business.

        Because their chips work unlike the alternatives with the exception of the CP2102 I mentioned.

      2. bazza Silver badge

        Re: Goodbye FTDI

        This is exactly what I have done since the first incident - proactively avoided anything with an FTDI chip in it.

        That is an ambiguous statement. Do you avoid FTDI's driver too and buy parts that have their own drivers? Or do you buy parts that continue to use the FTDI drivers?

        The former is kinda hard to find, the latter is outright support for the knock off vendors getting a free ride on FTDI's back.

        If you want something that works you're better off buying the former or buying genuine FTDI parts.

        Personally I can't see what is wrong with FTDI's position. They can't be obliged to give driver support to clones.

        Imagine the fuss if someone was making knock off Nvidia GPUs. If you purchased a $400 card that turned out to be fake you'd be moaning at the vendor until you got a refund. With FTDI no one can be arsed to get their lazy butt out of their chair and moan to their vendor about having been sold a $5 con. Weirdly they're quite happy to take a small financial risk and sponge off FTDI's living so long as it doesn't cost very much, yet moan like hell when things stop working and would have to buy a genuine replacement to get going again.

        1. Morzel

          Re: Goodbye FTDI

          The point is that you'd have to steer clear of anything with an FTDI label, because it might just be a counterfeit part, in which case you are screwed. So your odds are better with a part that is clearly not FTDI. Make no mistake: people will (even if you consider it unfairly) perceive this as FTDI's fault, due to the fact that they are left out in the cold by FTDI while they acted in good faith.

          Not every manufacturer works like this though. I've discussed counterfeit components with an application support engineer working for a big silicon manufacturer (that shall be unnamed), and he had personally run into an issue with a counterfeit: a big customer of theirs was having problems with a radio IC, so he was called in for support. Turned out that in that particular production batch a counterfeit IC (visually indistinguishible from theirs -- they had to perform X-ray analysis to figure it out) was used that supported the datasheet flawlessly but had forgot to implement the errata. I.e. the counterfeit IC did not have the bugs that the real part had, which made it fail because the integration depended on them being present.

          After some discussion with his management on how to proceed, they decided to help their customer to fix the issue with the counterfeit, as the parts had been sourced via a reliable channel and the customer was unaware (and was not made aware of) it being counterfeit. The reason being that the relationship with their loyal customer was their first priority, and that dealing with the counterfeit ICs should be done on a different level -- i.e. using the information from the customer to audit where in the supply chain the counterfeits got in.

          If I would have to choose between the FTDI way of dealing with this, or the example I mentioned above, there would be no contest: FTDI would not get my business.

          1. inmypjs Silver badge

            Re: Goodbye FTDI

            "steer clear of anything with an FTDI label, because it might just be a counterfeit part, in which case you are screwed"

            Something without an FTDI label may also be counterfeit. Unknown origin, unknown quality, zero traceability from a supplier and chain that thinks fakes are OK. You are still screwed unless you are a purveyor of cheap crap and don't care.

            FTDI's actions mean parts with FTDI labels are less likely to be fakes so there is more reason to buy them. Their actions will also help identify fraudulent links in supply chains for the benefit of all.

            A trusted supply chain is simply a requirement (unless you produce cheap crap) and really isn't that hard. Who got bitten when FTDI first released their 'bricking' drivers? Almost no reputable companies that I heard about - mostly a lot of cheap crap from ebay used by gobby 'makers' who are still the ones doing all the moaning.

            1. Anonymous Coward
              Anonymous Coward

              Re: Goodbye FTDI

              "A trusted supply chain is simply a requirement..."

              Then I wonder what happens when a lot of fake chips come along but everyone is showing clean papers, meaning either an insider did it or some sophisticated thieves managed to pull a switcheroo under everyone's noses.

        2. Anonymous Coward
          Anonymous Coward

          Re: Goodbye FTDI

          The point is end users don't get the choice of whether counterfeit FTDI parts were used or not. The first they hear of it is when the device they bought in good faith is damaged by these malicious drivers.

          The lazy ones are FTDI because instead of acting to clean up supply chains and chase counterfeiters they punish innocent consumers caught in the crossfire who have no way to stop this from happening other than to avoid FTDI devices altogether.

          How much more of this do you think people will put up with before another vendor steps in and takes FTDI's entire market away from them? It is sheer lunacy.

          1. bazza Silver badge

            Re: Goodbye FTDI

            The lazy ones are FTDI because instead of acting to clean up supply chains and chase counterfeiters they punish innocent consumers caught in the crossfire who have no way to stop this from happening other than to avoid FTDI devices altogether.

            The people getting stung are not FTDI customers. FTDI's supply chain is clean. If someone chooses to buy from someone claiming to be an FTDI seller without checking, that hardly FTDI's problem.

      3. Stoneshop

        Re: Goodbye FTDI

        Imagine the liability if a counterfeit got into a medical device and FTDI's driver f*ckups killed somebody.

        Devices that take input from serial should be able to deal with garbage coming in, even more so when it's life-critical.

        1. Richard 12 Silver badge

          Re: Goodbye FTDI

          "Should" and "do" are very different beasties.

          1. Stoneshop

            Re: Goodbye FTDI

            "Should" and "do" are very different beasties.

            If it's a serious application, it should be tested to be resilient against serial garbage. If it turns out it's not, you complain to the manufacturer as well as the tester.

            If it's a life-critical application, you get the FDA or its local equivalent to do so.

    2. inmypjs Silver badge

      Re: Goodbye FTDI

      "ways to deal with counterfeit chips"

      They are not 'dealing' with counterfeit chips they are enforcing the licensing terms of their drivers.

      They are only licensed for use with genuine FTDI parts. If you don't like that get your own drivers, you could try contacting the manufacturer of the fake parts - if you knew who it was - lol.

      1. Christian Berger

        Supporting USB

        "They are only licensed for use with genuine FTDI parts. If you don't like that get your own drivers"

        That's actually a big question I'm having for years. FTDI essentially makes devices compatible to the USB standard for "serial ports". Just about any operating system has default vendor independent drivers for that, after all that's one of the few bits where USB is actually standardized. The only exception is Windows. If Microsoft would get off their asses and finally support USB in any meaningful way this whole mess wouldn't be possible.

        1. Anonymous Coward
          Anonymous Coward

          Re: Supporting USB

          >FTDI essentially makes devices compatible to the USB standard for "serial ports".

          They do not. What you are talking about is the USB communications class or CDC which the FTDI chips are not. The FTDI chips support things that CDC devices don't like bit bang etc which is why they are so useful and often seen in cases where you don't just need a UART but also some lines you can control.

          >Just about any operating system has default vendor independent drivers for that,

          They have drivers for CDC which the FTDI is not.

          >after all that's one of the few bits where USB is actually standardized.

          Except the FTDI device is not a CDC device and it can do more than the CDC spec allows.

          >The only exception is Windows. If Microsoft would get off their asses and finally

          >support USB in any meaningful way this whole mess wouldn't be possible.

          Windows supports CDC devices out of the box from what I remember but again.. the FTDI chip isn't CDC compatible. The advantage of the FTDI part is that it's fairly reliable and can do auxiliary functions that would require a microcontroller for a dumb usb uart.

      2. Missing Semicolon Silver badge
        Unhappy

        Re: Goodbye FTDI

        No, what FDTI are doing is beyond what's reasonable. They are entirely allowed to make the drivers see a fake chip and go "uh-oh! fake detected! Return an error on driver init". The result would be that fake chips would show up as warning triangles in device manager.

        However, proactively destroying the customers equipment is at the very least rude, if no criminal.

        1. Anonymous Coward
          Anonymous Coward

          Re: Goodbye FTDI

          "However, proactively destroying the customers equipment is at the very least rude, if no criminal."

          Interesting point - not sure where I stand on this one, on one hand I can see where they are coming from but at the same time its likely not to be the end users fault...

          I suppose at the end of the day its the same as buying any counterfeit goods if you buy a fake Rolex and take it into a Rolex shop to be serviced the odds are you're not getting it back, whether you knew it was fake or not.

          Its a bit shit for the users, but at the end of the day they are using fake goods - knowingly or not - they really should be going back to their suppliers with this and demanding a new widget with a real chip.

      3. Anonymous Coward
        Mushroom

        Re: Goodbye FTDI

        They are only licensed for use with genuine FTDI parts. If you don't like that get your own drivers

        This will backfire nastily on FTDI, since they are deliberately screwing their customers, the purchasers of the chips - who buy the cheapest parts they can, obviously, often via brokers. i.e. they are making their problem into a much bigger and expensive problem for their customers.

        Next stop is "FTDI chips are unreliable - some batches work and some don't - for whatever reason. So we now have an extra quality assurance problem in our manufacturing. Sod that, let's use a part we can rely upon".

        1. bazza Silver badge

          Re: Goodbye FTDI

          This will backfire nastily on FTDI, since they are deliberately screwing their customers, the purchasers of the chips - who buy the cheapest parts they can, obviously, often via brokers. i.e. they are making their problem into a much bigger and expensive problem for their customers.

          No they're not. They're not FTDI's customers at all. The people being screwed have bought fake parts;. They're getting screwed by rip off merchants illegally using FTDI's brand, logo an reputation and are so lazy they can't even be bothered to rip off FTDI's silicon properly (which is why FTDI can pu ou booby-trapped drivers)

          FTDI would like them to be their customers, but are not allowed to trade on a fair market because too many people don't care where they buy from or whether it is genuine so long as it is cheap.

          1. Ben Norris

            Re: Goodbye FTDI

            They have not bought fake parts. The parts don't claim to be FTDI in any way, they just happen to be trying to be compatible with the driver.

            1. Anonymous Coward
              Anonymous Coward

              Re: Goodbye FTDI

              Some of them are silkscreened "FTDI" so some OEMs are fooled by it.

              Others are saving money by buying something cheaper than FTDI that claims to be compatible - there is nothing illegal about designing to FTDI's spec. Neither is there anything illegal about FTDI finding a check they will fail on to prevent those 'clone' chips from working. They better have a whole list of similar tricks, because they've probably already modified the microcode in the chips coming off the assembly line from today on to respond exactly like FTDI chips do to the test in the new driver. If FTDI doesn't have any more tricks in their bag, all they've done is piss off some people who will probably never know what happened, but still aren't likely to buy products containing genuine FTDI chips.

        2. Stoneshop
          Facepalm

          Re: Goodbye FTDI

          since they are deliberately screwing their customers, the purchasers of the chips

          In what way are buyers of counterfeit chips FTDI's customers?

          1. Anonymous Coward
            Anonymous Coward

            Re: Goodbye FTDI

            @Stoneshop: In what way are buyers of counterfeit chips FTDI's customers?

            Because widget manufacturers will not even know whether they are buying counterfeit chips or not. They buy components like you buy petrol, through a chain of middlemen. Do you know which country the petrol in your car came from?

            1. Stoneshop
              FAIL

              Re: Goodbye FTDI

              Because widget manufacturers will not even know whether they are buying counterfeit chips or not.

              Then you're the widget vendor's customer. You're still not FTDI's customer in any way.

              They buy components like you buy petrol, through a chain of middlemen. Do you know which country the petrol in your car came from?

              If the petrol station is selling me a petrol-like fluid that doesn't quite work like Real Petrol under all circumstances, it's their problem (provided I can trace it back to them). What country the crude originated from is irrelevant.

              1. Anonymous Coward
                Anonymous Coward

                Re: Goodbye FTDI

                The point is that if the "petrol like fluid" worked for all purposes petrol did, and the only way to tell it wasn't petrol but some substitute was for your car's fuel injector to run a special test on it and refuse to run if it failed to pass, is it really the petrol station's problem? They thought they were getting petrol, and it works exactly like petrol does if that special test is skipped.

                FTDI's problem isn't that the counterfeit chips don't work exactly like FTDI's chips, their problem is that they DO!

            2. d3vy

              Re: Goodbye FTDI

              "Do you know which country the petrol in your car came from?"

              No and I dont care because the raw material has little bearing on the end product - what I do know though is that if I buy my fuel from shell its been refined by shell and will meet a fairly consistent standard... If I go to tesco to buy fuel all I know is that its come from a refinery somewhere nearby, I cannot be sure that its going to be a consistent quality.

              For that reason I normally go to shell. Ie I know I can trust my supplier. If I couldn't trust them I'd use someone else - which is what purchasers of dodgy chips should do - switch to a supplier that can be trusted to source proper chips.

        3. d3vy

          Re: Goodbye FTDI

          "This will backfire nastily on FTDI, since they are deliberately screwing their customers, the purchasers of the chips."

          Thats the sticking point isn't it... they are not, they are screwing people who are NOT using their products they are using knock of clones of their products designed to use the same driver -unwittingly or not the affected people are not using FTDI chips thats the whole issue.

          Why should they facilitate the people cloning their chips making money by allowing them to use their drivers?

          Though the same could have been achieved without fudging up the device... they could have just popped up a message to let the user know that its not a legit chip.

      4. Mage Silver badge

        Re: Goodbye FTDI

        Impossible for most people to know if they are buying a counterfeit chip. This is unreasonable behaviour by FTDI.

    3. Gel

      Re: Goodbye FTDI

      Me too,

      I stopped using FTDI devices in electronic design the last time. Though they are not needed so much now that many MCUs include USB.

    4. Fibbles

      Re: Goodbye FTDI

      But if you're using FTDI chips their shenanigans won't actually affect you?

      If you were using fake chips why would they even care about your boycott?

  3. Mark 85

    But how does one know that they have a product with a counterfeit chip in it? I suspect that returning it the store/sales point or manufacturer will have no impact. A conundrum from all sides. Bricking and screwing with the device it's in is not an appropriate solution. A pop-up box on the screen might do it, but still, what's the user/consumer's recourse?

    1. Stuart Halliday
      Stop

      The problem of counterfeit components isn't going away.

      5 years ago it was dodgy capacitors. Now everything is fair game.

      Today, they're even counterfeiting the humble fuse.

      Manufacturers of sophisticated products are being conned into using substandard resistors, capacitors, logic chips and wire.

      This is killing people.

      1. Voland's right hand Silver badge

        This is not killing people (yet)

        This is killing people

        No it is not. Yet.

        Now, counterfeit life jackets on which Turks are making a killing (literally and figuratively) are. However, we are doing nothing and shall do nothing about it as it is not politically convenient.

        Same as in this case actually - it is not politically convenient to apply proper penalties for counterfeit goods which potentially matter in human lives such components (and again - life jackets). Now, Luis Voiton handbags - we are going to f*** nuke the counterfeiter because the civilization will end if counterfeiting handbags for rich tw*ts will be allowed to occur.

        1. Anonymous Coward
          Anonymous Coward

          Re: This is not killing people (yet)

          "Now, counterfeit life jackets on which Turks are making a killing (literally and figuratively) are. However, we are doing nothing and shall do nothing about it"

          That's because Turkey is a backward, corrupt shithole.

          1. Voland's right hand Silver badge

            Re: This is not killing people (yet)

            That's because Turkey is a backward, corrupt shithole.

            You are dangerously underestimating them. Nothing to do with that. It is the same as allowing or prohibition of any counterfeit goods. It is a question of political expedience.

            The more dead kids wearing counterfeit life jackets end up being washing up on beaches, the more Turkey can pressure Eu and USA to drive its agenda. Last time a dead toddler washed up on the beach we were ready to hand them 3Bn to drive their agenda to reincarnate the Osman empire.

            It is the same as with any other counterfeit goods. Selling "specially vetted components" to the military is an extremely high value racket which only a couple of usual suspects have access to. As a result any attempt to counterfeit (in most cases just relabel) that will get you 20 odd years in a place nobody knows about. Mislabeling the same components for health or residential use - who cares, it is not politically expedient to persecute the culprits, it will damage our relations with the tat producing countries _INCLUDING_ Turkey.

            Turkey is one of the biggest manufacturers after China and the Far East and is also a major producer of goods that are "not to spec" (that is polite description).

            It manufactures anything and everything starting with textiles, going through Bosch hand tools, Renault and Ford vehicles and finishing with military hardware including _OUTSOURCED_ F-16s.

            Based on first hand experience with quite a lot of their consumer goods, the "CE" label on them is quite often outright fake and quite often so is the country of origin label (labeled as produced in one of the Balkan countries while in fact done in a slaveshop using Syrian refugee labor somewhere in DyarBekir).

    2. bazza Silver badge

      But how does one know that they have a product with a counterfeit chip in it?

      Try the latest driver!

      I suspect that returning it the store/sales point or manufacturer will have no impact.

      Depends where you live. Here in the UK If you've bought with the credit card then according to the law it's your credit card company's problem to solve. You phone them up an say you've been conned and they have to give you a refund. You can also moan to the local Trading Standards people. If you’ve been buying from Amazon you can write to them and complain, using the phrase "passing off" and threatening lawyers somewhere. That's legal-ese basically saying Amazon are at least partly culpable in a criminal offence of passing off a con as a genuine part. If enough people wrote letters like that then Amazon would soon do something about it.

      Most of the problems arise from people not caring enough about the $5 they wasted on a fake part. Caveat Emptor. If people are too lazy to defend their rights then they'll lose them.

      1. Richard 12 Silver badge

        The CC company only matter for > £100

        As these are sub £10 parts, no dice.

  4. Stuart Halliday

    Should at least tell the user for goodness sake!

  5. Number6

    I'm sure there's room for a lawsuit in here somewhere. If it was a virus that damaged the computer or its files then I'm sure various governments would prosecute. How is this any different? I could see writing a driver in such a way that it only works with the genuine article, but active damage to a system is not good.

    1. Anonymous Coward
      Joke

      1) Define your branded TV/Computer as only being "official non-counterfeit" if plugged into your own branded mouse/keyboard etc.

      2) Fry anything it touches that is not wearing the brand, including users for breaking "T&C" and "EULA" and all your absolute control and rights!!!

      3) Take in loads of new orders for components, as strangely the users own ones keep failing.

      ...

      4) Profit?

  6. Ozzard
    Mushroom

    Always mount a scratch monkey

    Why oh why am I reminded of this old story?

    http://edp.org/monkey.htm

    1. Crazy Operations Guy

      Re: Always mount a scratch monkey

      Mounting a scratch monkey, isn't that how AIDS spread to humans?

  7. Alan Brown Silver badge

    Not counterfeit

    The chips in question are not counterfeit.

    They're a completely different rs232 device which uses the same command api as fdti''s one. The big sin is using ftdi's USB ID (naughty but common and the basis is that they work alike. They should use one the generic serial device ID if they don't acquire their own one)

    There was an analysis of the silicon last time around. The "fake" devices are actually better implemented than FTDI ones and they can be bricked specifially because they adhere to the published command set better than ftdi''s own silicon does.

    I suspect that deliberately bricking chips in the UK will come down to the computer misuse act. This could get interesting. ...

    The fact that FTDI is setting these to a zero or random I'd is extremely telling. Apart from the dubious legality of trashing end-user equipment they _could_ have reset it to 'generic rs232 device'.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not counterfeit

      "The chips in question are not counterfeit."

      They have FTDI's trademarked logo on them. They are being sold as FTDI chips.. I'm not sure what counterfeit means in your reality but that's the dictionary definition of counterfeit in ours.

      "better implemented than FTDI ones and they can be bricked specifially"

      The difference is that the fake devices allow types of writes to the eeprom that the real ones don't. Unless the types of write that aren't allowed are documented in the datasheet as being allowed you are talking out of your rear end. As for being "better". Can we have some performance data that actually proves that and not just something someone else wrote and you took as fact?

      "I suspect that deliberately bricking chips in the UK will come down to the computer misuse act."

      Neither this "new" method (which has been in the drivers for months) or the old USB ID change bricked the device.

      "This could get interesting."

      It hasn't for the year or so since they put that USB ID change thing in and it hasn't for the 5 or so months that this new method of sending "YOU GOTS FAKE BRUV" out the TX line of the UART has been in the driver. Not sure why it would get interesting now.

      "The fact that FTDI is setting these to a zero or random I'd is extremely telling."

      It stops it registering with their driver. I'm not sure what else you could read into that to be honest.

      "Apart from the dubious legality of trashing end-user equipment"

      It didn't thrash anything and still doesn't.

      "they _could_ have reset it to 'generic rs232 device'."

      What is a generic rs232 device in the USB world? There isn't a universal ID for a CDC serial device. That is defined in the meta data the host gets from the device on enumeration. So without showing that you don't have any clue how USB works any further please tell us how you would achieve that keeping in mind that the chip is a total unknown except that it implements what FTDI wrote in their datasheet well enough that they can change the USB ID without making it explode.

      1. SolidSquid

        Re: Not counterfeit

        "They have FTDI's trademarked logo on them"

        From what I remember of the last time this was going on, a lot of them actually didn't claim to be FTDI chips. They claimed to be generic chips which did a similar job, but were piggy backing off of the drivers for FTDI chips to make it easier to link up with Windows.

        Also, in the case of those which *are* counterfeit, this isn't actually doing anything to harm the counterfeiters, just the end users who bought what they thought was a legitimate product. All it really does is tarnish FTDI's name and cause the customers to look elsewhere

        1. Anonymous Coward
          Anonymous Coward

          Re: Not counterfeit

          The fact that you need to buy a USB ID from a monopoly organization is a fatal flaw in USB.

  8. David Kelly 2

    Not Bricked

    Boo hoo! Device driver quits working if it finds it is not talking to a known device! That is not "bricked". Bricked would be if one performed acts which turned the offending device into something as useless as a brick. In other words, if the device driver destroyed the offending counterfeit chip.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not Bricked

      But what if a counterfeit arduino with a fake chip that is a clone of a real chip that says in the documents that it's not to be used in critical life support systems is used to control the machine that stops the 100 kilo lead weights installed above all patients heads from dropping and killing them fails because it couldn't handle invalid data because of bad coding practices! *DEEP BREATH*

      COME ON MAN! THINK OF THE CHILDREN^H^H^H^H^H^H^H^H PEOPLE THAT RELY ON ARDUINO CLONES FOR THEIR LIFE SUPPORT MACHINERY!!

      1. MrBlack

        Re: Not Bricked

        Yet another person who doesn't know the difference between an Arduino prototyping board and AtMel microcontroller, sigh.

        1. Anonymous Coward
          Anonymous Coward

          Re: Not Bricked

          >Yet another person who doesn't know the difference between an

          >Arduino prototyping board and AtMel microcontroller, sigh.

          Other than incorrectly waving your e-penis about what have you added? I know very well that Arduino's are usually based on the atmega from Atmel. Atmega's don't usually come with a FT232 soldered onto the back of them. The arduino reference is in relation to that fact that most of the fake FT232s people find will be on cheap arduino clones. Honestly if you're going to get it out and start waving it around like an expert at least make sure it's not embarrassingly small before doing so.

  9. Anonymous Coward
    Anonymous Coward

    WTF

    This is indefensible to be honest. If FTDI detects a counterfeit chip, the correct course of actions would be to have the driver refuse to interact with it. Intentionally breaking things is ridiculous, and they should be sued by end-users into oblivion. Their actions could literally result in people DYING. There are countless ways for them to send a message - this is NOT an appropriate one.

    1. Anonymous Coward
      Anonymous Coward

      Re: WTF

      "Their actions could literally result in people DYING. There are countless ways for them to send a message - this is NOT an appropriate one."

      *This product or any variant of it is not intended for use in any medical appliance, device or system in which the failure of the product might reasonably be expected to result in personal injury.*

      Please stop making up silly stories about people getting killed. If someone ends up dead because of a fake chip that isn't supposed to be used in such systems even if it was real and Windows automatically updating drivers a lot more has gone wrong than some unexpected data going out of the TX line of said fake chip.

      1. SFC

        Re: WTF

        I'm not making up anything - and I didn't say anything about a medical device.

        Nobody said anything about Windows automatically updating drivers.

        Unexpected input may or may not be thoroughly vetted by the device manufacturer.

        I've seen all manner of items running Windows under the covers that could result in someone's death due to a malfunction. Starting with the control stations for heavy machinery in factories.

      2. Anonymous Coward
        Anonymous Coward

        Re: WTF

        If the FTDI chip was used in a medical device then several things should be in place.

        First risk management should be performed to make sure all risks are controlled adequately and in the case of a risk associated with the failure of a device then that device should either be a high integrity device or it should be designed so that more than one independant failure is required to create the hazard. If an RS232 link is being used in such a way that a failure such as a spurious character can cause serious injury or death I would expect some independant means used to control that risk. FTDI preclude uses that can caus einjury in their datasheet.

        Second the quality management standard for medical device manufacture requires appropriate control of suppliers. It is conceivable that counterfeit componets are sourced but it would mean that something had gone wrong in the supply chain rather than just happening when some devices are bought from the cheapest available supplier on the web.

        Third one of the risks controlled would be risks from software updates. This probably means the manufacturer specifying that only updates that have been reviewed, verified and authorised by the manufacturer can be applied. It may well mean that tests are performed following a field software update.

        You can criticise FTDI's approach which will probably harm end users unaware of what is inside their equipment without baseless panic mongering.

  10. Stephen W Harris

    Misleading title

    The latest driver _isn't_ bricking the chip. What it does it detect counterfeit chips and then send a specific stream 'NON GENUINE DEVICE FOUND!' to the device instead of the requested data.

    I'm glad that FTDI is highlighting the problem of fake chips. I wish they could be a little less heavy handed (just refuse to work).

    As for those people talking about "critical" usage... if FTDI just refused to talk to the chip then you'd bitch and scream in the same way.

    There are two real problems, here, and neither are FTDI's making:

    1) Fake chips and a lack of control in how they get into products. "Chain of trust" is a biggie, and this MUST be used in critical scenarios; if you're buying something that may impact life then damn well make sure you've bought from a vendor that has, itself, verified all its suppliers. Otherwise you, the purchaser, are culpable. And if it's a large reputable vendor then you might be able to get them to cover you...

    2) Apply patches to production critical servers without having testing before hand. WTF, people? It makes me cringe; I've seen doctors and dentists use windows machines to do patient related stuff. I know they won't have a test bed, so any patches will be on live machines. This makes #1 even more important. (I wonder if this is why my doctor's systems were all down last year... hmm!)

    FTDI have made some of the best USB chips around. So good that people are passing off counterfeit products as the original. On the streets of New York the cops will (sometimes) arrest fake Gucci street sellers. Where is the equivalent cops arresting fake FTDI sellers?

    If you unknowingly buy stolen goods then you may have them confiscated. If you unknowingly buy conferfeit FTDI chips you may have them stop working.

    1. Planty Bronze badge
      Thumb Down

      Re: Misleading title

      Sadly all too often, non technical clickbait jscks use the term bricked, it gets peoples attention

    2. P. Lee

      Re: Misleading title

      >The latest driver _isn't_ bricking the chip.

      I sympathise with them, but from a user's pov, they are bricking the system which is using it, preventing further operation until the hardware is replaced. There's not much difference there.

      What I want to know is, why can't I have a proper serial port on my computer any more? I don't care if its USB shaped and/or hidden in a USB slot, but give me something simple and reliable.

      1. Anonymous Coward
        Anonymous Coward

        Re: Misleading title

        "USB shaped and/or hidden in a USB slot,"

        Universal **Serial** Bus.. OH you meant RS232 right?

        "but give me something simple and reliable"

        RS232 isn't simple (baud rates, parity, databits, clock skew) and it's not reliable in a lot of cases especially at high baud rates. Hence you don't have it on your computer anymore because it's rare that you need it and decent (Silabs etc) USB->Serial chips are $1.50 each.

    3. Richard 12 Silver badge

      Re: Misleading title

      It is deliberately interfering with its operation.

      If the driver simply refused to talk to the non-FTDI part at all, or always returned a serial number of "UNAUTHORISED-PART" and didn't transfer any data then that would be better - but still not ok.

      It's fast to spot, the manufacturer will see that it doesn't enumerate correctly and return the batch to their supplier.

      The problem is that FTDI clearly believe that screwing around with the physical 3rd party device us fine, and pretending to work most of the time is also fine.

      No. That is not ok.

      Many of these chips are in devices that aren't 100% tested, just power-on and enumerate. The manufacturer won't spot this, the end user will. Eventually. When their device randomly doesn't work.

      Finally, what happens when this detection results in a false-positive? It will happen, and nobody knows when.

      Suddenly a piece of kit that really does use genuine FTDI stops working - and FTDI will insist that the part is not genuine.

      1. SolidSquid

        Re: Misleading title

        From what I understand, the check this is using to tell fake from real is an implementation difference between FTDI and other chips which are based on the same standard, and because of that it's unlikely it will trigger false positives as the FTDI chips are explicitly designed in a way this wouldn't work on them

  11. Steve Davies 3 Silver badge

    And "Pushing" Updates is a good thing?

    It looks like they are simply following the lead given by Microsoft with Windows 10.

    With W10, the goal is to keep on pushing the updates and sooner of later the refusnicks will come around

    Here they goal is for break possibly fake hardware and sod the consequences..

    IMHO, both are unauthorised tampering with computer systems.

    1. Anonymous Coward
      Anonymous Coward

      Re: And "Pushing" Updates is a good thing?

      "Here they goal is for break possibly fake hardware and sod the consequences.."

      What gets broken? How is this that much different from an undocumented feature of the real chips causing weird behaviour with the fake ones?

  12. DropBear
    FAIL

    Somebody at FTDI seems awfully intent on shooting themselves in the other foot. If this is true (and I fully expect it is) it just shows they learned nothing the last time around: they're "sorry that we got offended about them being assholes", not "sorry about being assholes", and are actively looking for ways to keep being assholes having perceived that being their God-Given Right as merciless avengers toting a Flaming Sword Of Justice or something. Good for them - I swore never to use an FTDI chip ever again in a design if I can help it the last time around...

  13. Jason Bloomberg Silver badge

    My company develops products which use serial interfaces so we have suffered the support costs and unwarranted criticism of our products where customers have purchased cables using fake FTDI chips.

    We and our products get blamed when their fake cables don't work as expected. We have been told that we must make our products work with fake chips and it's seemingly our fault when a customer has bought fake cables, not the fault of those companies using fake chips, or customer's efforts to save money.

    Most of the problems, and criticism of FTDI, centres around the end-user having no idea why things are not working, and I can sympathise with that.

    Whatever FTDI does, it would help if FTDI could generate a pop-up message which simply told the user their driver had detected a fake chip. If that is proving difficult then they need to work with Microsoft to figure out a way to do it.

    1. Anonymous Coward
      Anonymous Coward

      The end user is often unaware of what a fake is or how to detect it. They may even believe the shop they buy from is providing real products. In some instances even the shops get bad supplies through supply chain problems.

      So, should the user, shop or manufacturer be responsible?

      Attacking the fakes, is down right an attack on the consumer. I've taken to avoiding most systems like this (game consoles, blu-ray drives etc). I've long ago avoided fakes since I was a kid, but I don't want the problems when I find out the device bricks its self through a failed DRM check. Because it will do so, with legit products, more often than the real "hackers" who can just mod/chip the device and be fine.

      Most real counterfeit operations have no to zero problems with the DRM/checks. In this instance it'll be rather easy for the counterfeiters to just run a driver of one version less, and strip out the DRM checks.

  14. Jason Bloomberg Silver badge

    It seems FTDI may have altered their drivers to send out a "not genuine!" message back in July 2015 -

    https://forum.arduino.cc/index.php?topic=270175.msg2310682#msg2310682

    1. SleepGuy

      No more FTDI for me

      I can verify it has been going on for quite a few months. We purchased some (we thought) FTDI USB-RS232 adapters (specifically for the form factor...the electronics being in the USB end and leaving bare wires for us to solder to an oddball connector to make new download cables for an obsolete product). Unfortunately these turned out to be fakes and has caused lots of time to be wasted on both the user's end and for my department. I am replacing these and will most certainly not be using FTDI chips in the new version or in anything ever again.

  15. Anonymous Coward
    Anonymous Coward

    An excellent case study of misapplied DRM killing a company.

    There really is no need for FTDI any more, what we're witnessing are the desperate last gasps of a company with a stagnant product portfolio who are trying to keep hold of market share in an extremely competitive market sector.

    There are many alternative parts out there that offer USB-Serial, I2C, GPIO for less than FTDI and with the capability to meet demand.

    Offering users a way to verify their chips are real without breaking the product that contains the chip would have been so much better. A simple utility to download or as part of the driver installer.

    Maybe changing the device identifier to display 'Fake Device' in device manager or just refusing to install the device driver at all would be better but again, we see them trashing devices for end users and a very large, vocal hobbyist community.

    Stupid.

  16. Anonymous Coward
    Anonymous Coward

    Are these really "counterfeits"?

    Other reports on this story claim that the non-FTDI chips are neither fakes nor counterfeits nor knock-offs nor rip-offs but perfectly legitimate cheap alternatives that merely claim to be FTDI-compatible. And for most purposes they are FTDI-compatible, except that FTDI has found and deliberately exploited some minor difference.

    If that is true then the conclusion would be: if you can't avoid FTDI hardware, at least avoid using their drivers.

    1. Steve Gill

      Re: Are these really "counterfeits"?

      Except the whole root of the issue is the counterfeits are dependent on FTDI drivers

      1. Anonymous Coward
        Anonymous Coward

        Re: Are these really "counterfeits"?

        As people have mentioned the majority are not counterfeits, they are devices not claiming to be FTDI but simply using the driver which has become a standard. Imagine if you plugged in a monitor and it bricked your PC because it isn't a true IBM product, that is what is happening here.

        The result of this debacle isn't that FTDI will get rid of 'counterfeiters' and get the whole market, it is that some other manufacturer will become the standard driver of choice for usb>serial compatibles and FTDI will become irrelevant.

  17. Simon Crowe

    Blacklist

    When they did this the first time I added FTDI to my list of devices to avoid, as they completely messed up a class i was running, as some devices had a 'fake' FTDI.

    Interestingly the 'fake' FTDI was a better engineered bit of silicon ...

    We really need someone with a little time to produce an open driver for all platforms ...

  18. Anonymous Coward
    Anonymous Coward

    Piffle

    So instead of quite reasonably stopping their driver talking to the counterfeit chips/notifing you, some of you apparently want FTDI to play an expensive and no doubt thankless game of whack-a-mole by trying to go after the people making them. As illustrated in one of the articles liked in the comments, the fake chips are software implementations running on a microcontroller, much like Microchips MCP2200 solution is. Shut down one place flashing these and 3 more will spring up in their place.

    I feel that the place this is getting discussed is also indicative of the kind of people this is affecting, EEVBlog is home to DIY'ers, Ardunio Hackers and Smart Alec hobbyists, the reason their whinging is their $5 cable from eBay doesn't work, well boo f***g hoo, buy a better one. (Nothing against the site or its owner, fantastic resource) Or go back to the maker of whatever device it is that still needs serial comms and ask them to integrate the FTDI directly on the board, unless they are using RS485, the 5m USB limit should be plenty.

    This isn't hard to debug (even I can write a test program talking FTDI over VCP using their d2xx driver). And anyone shipping a product without a basic functional test over the serial line should be shot, there's even a registry fix to stop your test PC enumerating 1000's of different VCPs.

    Automotive, Medical and Military applications require significant traceability if you manage to get one of these fake chips into one of those supply channels in a way that passes that scrutiny, you deserve a prize, or a slap for making some stupid sourcing decisions. There is really only one use for a 'Broker' and that is sourcing parts that are on allocation that you need now, at which point you should be sending anything you get to a testing house.

    1. Wommit

      Re: Piffle

      Down voted for two reasons.

      1) Boo Hoo comment. Seriously? How grown up is that?

      2) Thinking that the EEVBlogs site owner is a fantastic resource. Have you sat & listened to his last rant over the FTDI chips? How about the one in which he called assembler programmers stupid? That man just likes the sound of his own voice.

  19. Wommit

    FTDI did a bad thing last time,

    and a worse thing this time.

    They can detect that a device isn't theirs, so just ignore it. Don't change a thing, perhaps let the user know they have a (possible) counterfeit. But otherwise do nothing.

    The device will show up in device manager and the user can source their own drivers.

  20. Oom Bryce
    Unhappy

    Innocent Victim ?

    I suppose like many of you, I bought an Arduino Nano from what I thought was a reputable source, and after a short while it was bricked. I then bought a Nano from an ultra reliable source and it worked. I also bought a genuine FTDI chip, in case....

    The counterfeit chip looks identical to the genuine chip - the trademark etc. all look the same. I was able to get the fake chip to work again using some fairly user-hostile software from FTDI and reloading archaic drivers.

    I am disgusted at the counterfeiters, disgusted at FTDI and a bit disgusted at myself for being stupid enough to buy cheap rubbish from a country that doesn't respect "meum et tuum". (tr what's mine is mine, and so is what's yours is my own)

    NOW I have one working Arduino ISP and many non-working ones. I fear for my sanity...

  21. Donald Becker

    Many to blame, including Microsoft.

    Microsoft is the company that should be in the hot seat over this.

    Microsoft is signing the drivers and pushing them out as an automatic update. Microsoft claims to test these driver (WHQL et al) and hold companies submitting them responsible for misdeeds.

    When this happened before, Microsoft was quick to back out of the driver update. We didn't hear anything, but could at least believe that FTDI was "read the riot act" and told never to do this again. Or else.

    Now that it has happened a second time, we'll see how serious Microsoft is about their reputation, and what the true standards are for hardware/driver certification.

  22. inmypjs Silver badge

    "Microsoft claims to test these driver (WHQL et al)"

    And which of the unknown number of fake manufacturers and versions of their fake chips do you think Microsoft should also be testing? Who do you think is going to pay for the extra testing?

    1. taxythingy

      "Who do you think is going to pay for the extra testing?"

      The people buying the cheap crap. Once they've bought 4 different versions, none of which can do proper serial communcation, they'll either give up or, if they are lucky, ask. Then they'll get pointed in the direction of a reputable supplier of FTDI chip converters and automagically their equipment will start talking again.

      Well, that's what happened to the research organisation across the road from us. They finally asked if they could borrow one of mine, since our equipment didn't seem to have a problem. Job done shortly after. Cost them 4 weeks and more than the price of a proper one.

    2. dajames

      And which of the unknown number of fake manufacturers and versions of their fake chips do you think Microsoft should also be testing?

      We're not talking about testing the chips, we're talking about testing the drivers. The drivers contains special code that is only used when running on fake chips -- FTDI should have informed Microsoft of that fact and ensured that they had systems containing such fake chips with which to fully test the drivers.

      How else can FTDI be sure that Microsoft can fully test the drivers ... or are they not concerned with quality control?

  23. Enrico Vanni

    All this will do is speed up the obsolescence of FTDI as a company. They missed a trick - they should have licensed their driver to 'compatible' chips. The majority of chips affected by this do not carry FTDI branding.

  24. Frank Rysanek

    fed up with FTDI

    I've seen USB gadget chips, own designs from TW/CN companies, that were so crap that they just didn't work. Some of them were LPT and serial converters. I mean to say that some of the counterfeit FTDI chips (the ones carrying a fake logo etc) possibly don't need any deliberate bricking :-)

    OTOH, I've been in contact with someone who purchased an RS422 converter board *straight from FTDI*. You know, one of those advertised straight on the FTDI's website.

    http://www.ftdichip.com/Products/Cables/USBRS422.htm

    And the board didn't work! FTDI's tech support admitted that they had some problems with a past batch...

    Possibly the only famous alternative to FTDI is the Prolific PL2303. Not exactly a shining star. And, they also have a problem with counterfeiters.

    YMMV.

    It would be neat to have a "USB serial device class", with a class-based driver from Microsoft. There's the ACM CDC, but doesn't seem to be a perfect match...

    Then again, we have the USB LPT device class, and many products of this class "just don't work" anyway :-( I mean - for printers, just taking print jobs from the spooler...

    1. Frank Rysanek

      Re: fed up with FTDI

      [replying to my own comments is a sign of mental disorder ;-) ]

      I recall one other encounter with FTDI - this one had a driver release engineering angle. I once bought a programming dongle for Lattice CPLD's. You guessed it: the dongle contains an (original) FTDI chip. Next, I needed XP drivers for the dongle. It was in February/March 2015 = admittedly pretty late for XP, but that's what I still run on some computers in the lab (and am happy that way). To this date, FTDI still list their driver 2.10 as compatible with XP - while in reality, 2.08 already failed to load in XP SP3. I managed to find 2.06 somewhere, and that did work in XP.

      As for the opinion that "FTDI is no longer needed": in the "industry" and in the tinkerer community, RS232/422/485 are actually far from extinction. Note how simple the interface is - I wish that USB was so simple to use and debug, so universally compatible. And, RS232 doesn't force you to write your own USB driver (or work around writing your own driver by using some generic framework, libusb or some such). Especially writing drivers for Windows is a tad complicated by the required MS signature (that apart from the general driver writing complexity). Even the user space software authoring tools are more restrictive nowadays, than they were in the days of my optimistic youth... Corporations are helping each other to create a wall between how far you can get in DIY vs. what's possible with technology only available to corporations. Security measures against malware proliferation? Malware authors always find a way...

  25. dajames

    Back in October 2014, the company shipped a device driver that checked the authenticity of USB chips claiming to be FTDI. If it detected a non-original chip, the driver would stop the host operating system seeing the device by setting its USB product ID to 0.

    That release led to criticism that the company was penalising people who didn't know they had an infringing product.

    I kinda like that as a solution -- it's certainly better than interfering with the data stream -- but wouldn't it have been better if FTDI had registered a second USB vendor ID as "Fake FTDI", and set the USB device ID of any non-original chip to that code?

    The device would continue to work, but any system tools like Device Manager on Windows or lsusb on Linux would display the fact that the hardware was non-original, and questions would be asked.

    ... then again, I wonder why the driver even installs if there is no genuine hardware for it to drive. FTDI could have saved themselves a world of trouble by simply not recognizing fake hardware.

    1. inmypjs Silver badge

      "FTDI could have saved themselves a world of trouble by simply not recognizing fake hardware."

      The previous 'bricking' version of the driver treated all hardware exactly the same. Actions which 'bricked' some fake chips had no effect on genuine chips.

      Specifically detecting non-genuine chips and treating them differently which all the whiners said they should do likely puts them on legally shakier ground.

      1. Wommit

        @ inmypjs

        "Specifically detecting non-genuine chips and treating them differently which all the whiners said they should do likely puts them on legally shakier ground."

        How? Is setting a device driver to refuse to work with something provably not a FTDI device illegal or something.

        Shirley issuing a warning and then not interacting with the device is the best option. The user then can complain to their end of the supply chain, and so on.

        However, just pissing the paying public off will only hasten FTDIs demise. Rightly or wrongly, people remember these things.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon