FTDIgate 2.0?

[dannyf]

FTDI could easily kill the clones by selling at a lower or equal cost.

Kind like you losing out to a clone of yours in India because he could do your job at a lower cost. You went home and you wife told you: "you could have easily killed that clone by selling your labor at an even lower cost."

After a few rounds of such competition, you may come to appreciate FTDI's position.

[dannyf]

You can't win with these trolls.

If you cannot attack the message, attack the messenger.

Pathetic.

[amyk]

Who the hell still needs FTDI?

They are a shitty company, with zero respect for the end-users (who may or most likely may not [which was my case] be aware that their chip is fake).

It's not like we don't have alternatives and we really need them. There are plenty of options out there, from complete software solutions (like V-USB) to other dedicated alternatives, like the CH340G chip, and other solutions from Prolific, Texas, Cypress, Silicon Labs, Microchip, and a few others.

The sooner people stop caring about FTDI and stop using their products, the sooner we'll be rid of the problem.

This, absolutely. It's hilarious and a bit sad that FTDI think it's even worth trying to "protect" their IP for what amounts to an IC that would be considered almost trivial in functionality these days. The fact that it's been cloned and there are so many other implementations says that what they have is nothing special. It's just a bloody USB-RS232 converter... the sooner people stop choosing them and move to cheaper, less hostile alternatives, the better.

[miguelvp]

My question will be, why would a company develop a product that uses the manufacturer's default VID and PID, knowing that any program that can talk to a COM port could cause damage or be dangerous?

Nah, those products are done by cheap and hobby level products and won't invest in making sure their device is bullet proof.

Regardless of FTDI or whatever other chip is used.

[zapta]

Just stumbled upon this one on the Saelig website. A general purpose counterfeit IC detector.

[rdl]

Why in the world do people let Windows update device drivers in the first place?

[FrankBuss]

My question will be, why would a company develop a product that uses the manufacturer's default VID and PID, knowing that any program that can talk to a COM port could cause damage or be dangerous?

Nah, those products are done by cheap and hobby level products and won't invest in making sure their device is bullet proof.

Regardless of FTDI or whatever other chip is used.

If the product uses the FTDI chip, it is the simplest way to use the manufacturers VID and PID, because otherwise you would have to provide an INF file (which needs to be signed for newer Windows versions), which would simply reference the ftdibus.sys driver anyway. As I've tested, the standard Microsoft usbser.sys doesn't work with the FTDI chips.

I think there is nothing wrong with protecting the IP. I really like the functionality of the FTDI chips, especially the modern versions, like the FT2232H, which you can use as a JTAG programmer as well (supported out of the box by the Lattice FPGA programmer). It is some work to produce a good working chip with driver support for all operating systems that usually just works. Cheaper alternatives are not as good, like the MCP2221, which has a gap of 30 us between bytes, so it is useless for modern higher baud rates like 1 Mbaud and even at 115,200 baud the effective baud rate will be solwer than possible.

Of course, it is another question how to protect the IP. Providing test tools, even displaying a warning for counterfeits is ok, but the product should still work, even if it uses a counterfeit. Or maybe show a warning which says that it will stop working after a month. Then the users have time to replace it, or get the money back from the eBay sellers.

[miguelvp]

So then any other FT232r based program could cause problems with your device if you leave the PID and VID to be the default one, unless you make sure it doesn't react to random chatter.

[FrankBuss]

So then any other FT232r based program could cause problems with your device if you leave the PID and VID to be the default one, unless you make sure it doesn't react to random chatter.

It is mapped to a serial port (unless you've configured it for the "D2XX Direct" driver), so yes, any program which can send data to a serial port can cause problems with such a device. PID and VID doesn't matter, it will be still a serial port. The only advantage of a custom PID and VID with FTDI chips would be that the intended program could detect its device without the need for the user to specify the serial port number or sending random (for other devices) characters to all COM ports.

If you need a more professional solution, libusb might be better, but more work for the software side, too. On the microcontroller side it is not that much more work, at least was easy last time I tested it with the mbed framework on an LPC series chip from NXP.

[Muxr]

Having thought about this for the past 2-3 days, I am actually now supporting FTDI's decision to do this. Counterfeit components not only hurt the original manufacturer, but also their customers who designed their chips into their products. Because it creates an uneven playing field between those who buy legitimate components and those who have access to counterfeits which cost 1/10th the price.

FTDI has every right to protect their IP.

[mtdoc]

FTDI has every right to protect their IP.

Sure they do (I haven't seen anyone argue otherwise).  This is just a poor way to do it and will only alienate more customers.

[Muxr]

FTDI has every right to protect their IP.

Sure they do (I haven't seen anyone argue otherwise).  This is just a poor way to do it and will only alienate more customers.

I haven't seen anyone suggest a viable alternative to fight clones.

[f4eru]

I haven't seen anyone suggest a viable alternative to fight clones.

- Sell cheaper (that's really overdue, FTDI is overpriced, and their design is old and amortized)
- upgrade your products, and make your customer like the non compatible new features ( by being useful, not the actual kind of upgrade from FTDI)
- get to new markets when your product line is dying off (and don't get angry customers just when you need them to adopt your new products)
- in case of FTDI, stop being a malware company

Also, if you really don't want to be copied,cloned or even counterfeit, there's a simple and very effective solution:
- Be mean, stay small : cloners concentrate on top seller products with very high margin
- Be cheap yet effective : reduce the margin of potential cloners by using cost effective solution on your side, with a reasonable quality

[miguelvp]

I haven't seen anyone suggest a viable alternative to fight clones.

- Sell cheaper (that's really overdue, FTDI is overpriced, and their design is old and amortized)
- upgrade your products, and make your customer like the non compatible new features ( by being useful, not the actual kind of upgrade from FTDI)
- get to new markets when your product line is dying off (and don't get angry customer when you need them to design in your new products)
- in case of FTDI, stop being a malware company

Also, if you really don't want to be copied/cloned/counterfeit, there's a simple and very effective solution:
- Be mean, stay small : cloners concentrate on top seller products with very high margin
- Be cheap : reduce the margin of potential cloners by using cost effective solution on your side, with a reasonable quality

Yeah, let every product compete with the prices of the crap you find at Walmart. Why buy quality tools when you can buy cheap crap that might work for a while? I guess I should be able to purchase high quality Swiss tools for the same price as the cheap tools out there.

Just because you want them to be cheaper, it doesn't mean they should be cheaper.

[matseng]

I ran a quick 24hr vote on Twitter. This was the result:

[marcan]

The windows event log takes a few fixed parameters, to make sorting/filtering easier, and then a raw string.
Apart from a list of standard error codes on the fixed fields you can put whatever you want into the raw section, which is assumed to be human readable text.

The messages in question were logged using a code, though (ErrorCode), the string wasn't directly passed in.

https://msdn.microsoft.com/en-us/library/windows/hardware/ff550571(v=vs.85).aspx

Even with custom error code strings, though, it does support percent-substitution, so yeah, this is just FTDI's shoddy coding.

I haven't seen anyone suggest a viable alternative to fight clones.

How about just failing device enumeration? Or even just refuse to TX/RX any data? They already log a message to the system event log saying that the device is counterfeit. The utterly retarded part is where they corrupt data instead of just refusing to work altogether.

[f4eru]

No, I don't want them to be cheaper.

I only say if you really want to not be copied, don't be in the top range. Somebody else will be in the top range and will be copied.
Top products will be copied, that's just life, you cannot avoid it.

But it should not matter to you, because you're in a different price and quality segment than (legal) clones. Learn to sell that quality to your customers who always look at the low price low quality alternative.

[f4eru]

I ran a quick 24hr vote on Twitter. This was the result:

The thing is : they don't "send a warning text", which would mean dropping an error window.

No, what they do is not sending a warning, What they do is intentionally corrupting data. And that's potentially very dangerous. It's a nogo.
Never use a product that will willingly corrupt your data !!!

[RFZ]

I haven't seen anyone suggest a viable alternative to fight clones.

Really? Choose one:
*) stop the driver from working with generic error code (like Code 10 / 43 / 48)
*) stop the driver from working and display a user-friendly notification referring to a website that explains what caused the problem and who to inform (if possible)
*) let the user continue using the device (for some time) and display a user-friendly notification referring to a website that explains what caused the problem and who to inform (if possible)

[Ian.M]

Of course FTDI have a right to restrict their driver to their hardware, but they don't have a right to screw with 3rd party data or hardware while doing so.

What's wrong with simply making the driver reject clones with an error code like any sane company would?  e.g. Prolific used error code 10 (device cannot start).  There wasn't this level of outrage against Prolific - Smart users just avoided unbranded cables/adapters with Prolific drivers.

Even if you think it was OK to tamper with the data on the end user's wire to read "NON GENUINE DEVICE FOUND!", it was a dick move not to use: "NON GENUINE FTDI DEVICE FOUND!"

[RFZ]

I ran a quick 24hr vote on Twitter. This was the result:

I've seen this vote but I think it's completely missunderstandable.
What does "send warning text" mean?
a) Send a warning Text in 7/8bit ASCII via RX/TX lines which won't be visible to a end-user in 98% of applications?
b) Show a readable warning text/notification to the user on the computer?

Sure, "send warning text" won because "Hey, lets send out a warning" is obviously the best thing you can do. And I agree. But the way this warning is sent out has to be specified and understood by those voting. And I doubt that they did...

[mtdoc]

The market demands that higher prices are justified by better quality, features or marketing. It appears FTDI has determined they are not competitive on that basis.

If FTDI can't find a way to protect their IP non destructively and without malware then they must compete in the market or fail.

IMHO the approach they are currently taking will fail.

[miguelvp]

On the survey there was no option for don't work with clones.

So that 24hr vote doesn't mean much because you took off what they actually did.

As for destructively or malware, no one has shown any evidence of that.

If your product accepts anything that comes from that COM port, then whoever wrote the device code is to blame since any other program can talk to that COM port.

[miguelvp]

Well, after seeing the latest Mailbag:

https://www.eevblog.com/forum/blog/eevblog-847-mailbag/

I guess you are all right, we should just buy the counterfeit "Arts of Electronics Third Edition" screw the authors!

Of course I kid, but that's what I'm hearing here. They should provide the real book at the same price as the fake ones!

[Karel]

Also the assumption FTDI present and future detection algorithms will never be wrong is a false one.

Can you provide a link to a documented event that shows that FDTI wrongly detected a non-genuine chip
while in reality it was genuine?

I think ... blahblahblah...

No link? Thats what I thought.