Arduino FTDI driver issue with Windows update

Lifted from another NG:

Hi,

I know there are several people here that work with Arduino microcontrollers. Just a heads up to a potential headache.

=== Windows Update drivers bricking USB serial chips beloved of hardware hackers The move to combat counterfeit chips leaves hobbyists stuck in the middle.

by Peter Bright - Oct 23, 2014 12:40 am UTC

Hardware hackers building interactive gadgets based on the Arduino microcontrollers are finding that a recent driver update that Microsoft deployed over Windows Update has bricked some of their hardware, leaving it inaccessible to most software both on Windows and Linux. This came to us via hardware hacking site Hack A Day... ===

See:

Reply to
Shed_Fiddler
Loading thread data ...

There's an unbrick here

formatting link

Reply to
Owen Cook

ers. Just a heads up to a potential headache.

ers The move to combat counterfeit chips leaves hobbyists stuck in the midd le.

ontrollers are finding that a recent driver update that Microsoft deployed over Windows Update has bricked some of their hardware, leaving it inaccess ible to most software both on Windows and Linux.

How could Window Update affect Linux?

Reply to
edward.ming.lee
:

llers. Just a heads up to a potential headache.

ckers The move to combat counterfeit chips leaves hobbyists stuck in the mi ddle.

ocontrollers are finding that a recent driver update that Microsoft deploye d over Windows Update has bricked some of their hardware, leaving it inacce ssible to most software both on Windows and Linux.

The driver used a difference in how eeprom writes is handled to set the PID in fakes to zeros but leave in unchanged in the real FTDIs So after a fake has been plugged on windows it has a PID of zeros so the driver will not longer load on any platform

-Lasse

Reply to
Lasse Langwadt Christensen

om:

rollers. Just a heads up to a potential headache.

hackers The move to combat counterfeit chips leaves hobbyists stuck in the middle.

crocontrollers are finding that a recent driver update that Microsoft deplo yed over Windows Update has bricked some of their hardware, leaving it inac cessible to most software both on Windows and Linux.

ID in fakes to zeros but leave in unchanged in the real FTDIs

driver will not longer load on any platform

Perhaps other manufactures should sue FTDI. It's not unlawful to make some thing that acts like FTDI chips. But FTDI knowingly sabotage other people' s chip. They know they didn't make the board/chip and they have no right t o do it this way.

Reply to
edward.ming.lee

Sueing FTDI might become a boomerang for _them_. They illegally used FTDIs PID and the copyrighted driver.

--
Reinhardt
Reply to
rbehm

trollers. Just a heads up to a potential headache.

hackers The move to combat counterfeit chips leaves hobbyists stuck in the middle.

icrocontrollers are finding that a recent driver update that Microsoft depl oyed over Windows Update has bricked some of their hardware, leaving it ina ccessible to most software both on Windows and Linux.

e PID in fakes to zeros but leave in unchanged in the real FTDIs

he driver will not longer load on any platform

something that acts like FTDI chips. But FTDI knowingly sabotage other peo ple's chip. They know they didn't make the board/chip and they have no rig ht to do it this way.

s PID and the copyrighted driver.

So, it's 50-50. I don't think they copyrighted the Linux driver. Perhaps the users intended to use it on Linux only and accidentally hooked up to th e Window machine. Anyway, the right thing to do is to avoid FTDI chips in the first place. There are plenty of micro capable of do whatever FTDI chi ps are doing.

Reply to
edward.ming.lee

The manufacturer doesn't "use" the driver, the consumer does. The consumer who is often the patsy of sellers who claim to be selling the real McCoy FTDI chip. The user typically doesn't select the driver, they only use the driver provided either by the Windows installation or one downloaded by the Windows update. In this case people who fully believed they had an FTDI product would have been surprised when the updated driver bricked their cable.

I would like to see the justice department look into this. I don't see how it is any different from writing a virus. I sympathize with FTDI and would love to see a solution to the counterfeit problem, but this was clearly over the line.

--

Rick
Reply to
rickman

Lol. Sure just don't buy any computer equipment and problem solved.

I made every effort once to buy serial cables on eBay with only legitimate Prolific chips. I even contacted the seller and asked for the specific revision that would work under Windows 8. When I got the cables they weren't Prolific chips and weren't even Prolific clones (which won't work with Windows 8). They used a Chinese chip which had its own driver, but did work under Win 8. It took me considerable searching on the Internet to figure it all out and locate the chip maker's web page with the driver.

The serial cable market is full of crap and I've never found a way to avoid it. I suppose I could make my own cables, but then I could make my own oscilloscopes too.

--

Rick
Reply to
rickman

[...]

The same hobbyist might accept a $20 bill from a vendor and mix it in with his other bills. When a bank detects this, the hobbyist is out that $20. Aside from the "bricking" -- which, I understand, is reversible -- the counterfeit "FTDI" chip is being handled just like a counterfeit "$20 bill", except that with the "FTDI" chip the Federal government doesn't get involved.

Just as one of us would be if we discovered that one -- or more -- of the $20s in our pocket was counterfeit. Is your concern that someone bought a counterfeit chip? Or that a piece of software pointed that counterfeit out to them?

Are you referring to the reversible "bricking" (disabling) -- which I understand is being removed from the driver? Or the refusal of the FTDI driver to talk to a non-FTDI chip?

I would personally be very disappointed to discover that some "really cheap" USB device I've ordered turns out to have a counterfeit FTDI chip in it. I'd be mildly miffed at FTDI when it occurred, mostly because I'm human and "it used to work and now it doesn't", but I'd also understand why FTDI felt they had to do it, and any complaints I had would be aimed back up the supply line that provided me with that USB device with the bogus chip.

And I'd be more cautious in the future. A new WinXX FTDI driver that refused to talk to bogus chips would notify me of the problem as soon as I plugged my WonderfulNewUSBSerial device in and let me get back to the reseller and demand a refund, which would then make him/her/it more careful about their supply line. As word made it back up the chain, the use of bogus chips would decrease.

The alternative -- which some people seem to feel reasonable -- is to insist that any FTDI driver always function with any chip stamped with an FTDI logo, regardless of its source. "It's illegal, but we got away with it once, so you have to keep letting us get away with it". The fact that this kind of logic has been applied in the immigration area should not be considered an encouragement to let it spread into business law.

IM(NS)HO.

Frank McKenney

--
  If the modern world will not insist on having some sharp and 
  definite moral law, capable of resisting the counterattractions of 
 Click to see the full signature
Reply to
Frnak McKenney

Software can't detect a counterfeit chip. It is only counterfeit if it is passed off as a brand name chip. Does the software read the writing on the chip package?

The bricking of course. If someone scratches the paint on my car, the fact that it can be repainted does not mean it wasn't a crime.

FTDI "had" to brick my device? Lol. Now you sound like a drunk hauled into court because he punched out a fellow drunk. "Judge, he insulted my truck, I *had* to hit him".

I have problems with licensing on various software interfering with my work. If I was working on a deadline and the FTDI driver bricked my serial cable stopping me from working I would be seriously upset... possibly enough to punch someone.

And that is totally different from bricking a device.

Who is "some people"? I think I have been very clear about my statements. Is there something I wrote that you don't understand?

What does this mean? "I am not some ho"? What?

--

Rick
Reply to
rickman

You get dumber with each post.. It shows beyond all doubts that you are out side your realm.

Jamie

Reply to
Maynard A. Philbrook Jr.

The new FTDI driver software certainly seems to be able to distinguish between the real FTDI chip and a counterfeit. It would have been nice to have FTDI produce a counterfeit detector program so that one can test prosepective chips without trashing them. Timing various chip operations should be sufficient as the counterfeits seem to be of radically different geometry.

--
Jeff Liebermann     jeffl@cruzio.com 
150 Felker St #D    http://www.LearnByDestroying.com 
 Click to see the full signature
Reply to
Jeff Liebermann

If the "counterfeit" chips are actually mask-level clones (in breach of copyright) of the genuine article, then the driver shouldn't be able to tell the difference.

That suggests that the "counterfeit" chips are actually chips reverse engineered to work with the FTDI driver. Such chips would be perfectly lawful, and if FTDI is deliberately damaging them, I'd think it could get itself into trouble, notwithstanding its licence conditions.

Sylvia.

Reply to
Sylvia Else

rickman wrote in news:m2gk1s$b9i$ snipped-for-privacy@dont-email.me:

Its quite simple. FTDI broke the law.

In most western countries it is illegal to modify or damage computer data or equipment without either the permission of the owner or a court order. FTDI provided Microsoft Update with a driver containing malware for world-wide distribution knowing full well that it contained malware (hence the ass-covering EULA disclaimer) that was deliberately designed to disable (soft brick) both legally reverse engineered FT232 compatible chips and fake FTDI chips.

Its only a fake if it is passed off as being made by FTDI e.g. marked with their part number and/or logo or anything close enough to confuse the average user.

As it is extremely common for really cheap Chinese electronics to use COB (chip on board) packaging, with its characteristic unmarked blob of black epoxy, it is highly likely that there are a significant number of legal FTDI compatible cables owned by users across the western world. deliberately soft bricking them was inexcusable.

I have *NO* sympathy for anyone who bought fake chips and modules at 'too good to be true' prices even though soft bricking them was illegal and acting to protect their IP by making their driver report an error if a compatible chip is used is a legitimate part of the manufacturer vs counterfeiter arms race.

FTDI should have handled this with a WGA style notifier that explained that a non-FTDI chip was trying to use their driver without a valid licence. Rolling back the driver would not easily remove the notifier.

At that point, optionally they could have come out of this with good PR by offering a node-locked licence for a modified version of the driver for a reasonable price + an easy to use utility to rewrite the PID to one compatible with the new driver, which would then identify it as "USB to Serial (FT232 compatible)", possibly with a discount for providing enough proof of any fakes (e.g. good photo + scan of invoice) to legally go after suppliers. The new driver would NOT be warranted to function correctly with anything except a genuine FTDI chip but would be warranted not to contain code to deliberatly distingish a compatible chip from a genuine one.

Suppliers who had acted in good faith and co-operated with going after the fake distributors could have been offered deals on bulk driver licences for their customers.

FTDI would have got a revenue stream from the compatible chips, the end users would be left with working systems and most of the pain would have been pushed as far up the counterfeit supply chain as possible.

--
Ian Malcolm.   London, ENGLAND.  (NEWSGROUP REPLY PREFERRED)  
ianm[at]the[dash]malcolms[dot]freeserve[dot]co[dot]uk  
 Click to see the full signature
Reply to
Ian Malcolm

Two things.... the first is that a chip is only counterfeit if it is sold as the chip it duplicates rather than a chip that duplicates the same functionality. Otherwise it is just a legitimate work alike chip. I can copy any famous and valuable work of art that I wish. It is only a counterfeit if I try to sell it as the original work of art.

The other is that there are reports that the software also craps on their own product.

Prolific has the same problem. They have updated their driver to support their latest revision of the chip to work under Windows 8, but not the earlier revisions. They even provide a program you can run that will tell you which revision of the chip it is. Interestingly enough it won't run under Win 8 though. I don't know if this also detects counterfeit chips but I suspect that is part of the reason they aren't supporting old revisions under Win 8. This will force the counterfeit makers to respin their chips... at some point.

--

Rick
Reply to
rickman

I believe you are correct with one exception. I have yet to see anyone selling these cables as FTDI "compatible" rather than as FTDI cables. Even if the chip maker doesn't claim they are FTDI chips, the cable seller most likely is. Have you seen anyone selling these cables and not claiming they contain an FTDI chip?

--

Rick
Reply to
rickman

Yeah, as long as you don't claim USB compatibility you're fine. if you do you're using the device ID given to FTDI (or the name USB) without permission.

--
umop apisdn
Reply to
Jasen Betts

my take on this is "if you plug a non-usb device into a usb port you take responsibility for the results". The counterfeit chips, which use FTDI's USB device-id without permission are, because of that, arguably not USB devices. ie: they can't legally use the USB logo on the device or packaging.

The average user will only see the device id if they go looking for it and not the chip package itself.

Who owns the device id?

After that it'd still be using the device id without a licence.

Yeah, FTDI are not the only victims.

--
umop apisdn
Reply to
Jasen Betts

This is why I *never* let Windows update drivers, only itself. If a driver update is needed for any reason (and I believe in "if it ain't broke then don't fix it") then I get it from the hardware supplier.

--
Shaun. 

"Humans will have advanced a long, long, way when religious belief has a  
 Click to see the full signature
Reply to
~misfit~

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.