FTDIgate 2.0?

[Karel]

The counterfeit chips do have the FTDI logo. That's why it's counterfeit...... They just try to make the counterfeit chips stop working.

Bullshit.

You convinced me with your impressively intelligent reply.

Most of these chips do not have a FTDI marking.

It's getting interesting. Which chips exactly don't have the FTDI name/logo and do use FTDI's USB VID & PID?
Please show me a link or a Farnell/Mouser/RS Components product number.

[madires]

Clone FT232 without using their logo is legal since FTDI, AFAIK did not patent the protocol.
Cloning SMB is not. M$ patented their protocol. However, the reason Samba is legal is because M$ explicitly gave up rights on SMB protocol, as well as many other commonly used M$ protocols/formats, like docx.

It's much more complex:
https://en.wikipedia.org/wiki/Proprietary_protocol#Reverse_engineering
https://en.wikibooks.org/wiki/Reverse_Engineering/Legal_Aspects
https://www.samba.org/samba/docs/myths_about_samba.html

[dannyf]

Reminds me of Angelina Jolie, who removed her breasts and ovaries just because she was afraid of cancer.

Unless she is trying to remove your breasts or ovaries, I have a hard time understanding what beef you have with her actions.

[dannyf]

You can't give away something to people and try to restrict how they use it.

It is done all the time.

But, if the boards Nvidia gives away put fire to your home, ...they would still be liable.

The fact that you can sue them for liability and they are liable are two different things.

Besides, it's true that another company is not supposed to use the VID/PID. But you are allowed to do such tricks for the sake of compatibility.

I think you may have put too much stock in your understanding of the laws.

[madires]

The counterfeit chips do have the FTDI logo. That's why it's counterfeit.
And that's why I sympathize with FTDI. They just try to make the counterfeit chips stop working.
I should have done the same.

Nobody said that FTDI can't protect their IP and brand. It's about the way they do it. Bricking compatible chips or modifying data sent to a compatible chip is computer sabotage or willful damage to property in several countries. It's a crime and FTDI's management could face jail time. This is a fact! And it doesn't matter what FTDI writes in an EULA. If parts of the EULA violate local law, those parts are without any meaning. What FTDI can do legally is to identify products with counterfeit chips and to let law enforcement confiscate and destroy those imports. Or they can release a driver which simply doesn't work with counterfeit or compatible chips.

I don't get it that some people are advocating FTDI's criminal actions. FTDI has done it twice now.

[Karel]

The counterfeit chips do have the FTDI logo. That's why it's counterfeit.
And that's why I sympathize with FTDI. They just try to make the counterfeit chips stop working.
I should have done the same.

Bricking compatible chips or modifying data sent to a compatible chip is computer sabotage ...

Preventing counterfeit chips from working with their (FTDI's) driver and inserting a string "not a genuine chip"
is a logical response. Counterfeit chips shouldn't be produced or imported in the first place.
Aim your anger at the counterfeiters.

[c4757p]

You have a very interesting definition of "logical". Also, you seem to be under the impression that only one person can be at fault for something at a time (and that it's whomever you like less)...

[madires]

Bricking compatible chips or modifying data sent to a compatible chip is computer sabotage ...

Preventing counterfeit chips from working with their (FTDI's) driver and inserting a string "not a genuine chip"
is a logical response. Counterfeit chips shouldn't be produced or imported in the first place.
Aim your anger at the counterfeiters.

Sorry, you can't argue a crime away. If FTDI's driver's would have just stopped working with counterfeit or compatible chips nobody would complain. But FTDI has overdone it in a way which is considered a crime in several countries.

[janoc]

Preventing counterfeit chips from working with their (FTDI's) driver and inserting a string "not a genuine chip"
is a logical response. Counterfeit chips shouldn't be produced or imported in the first place.
Aim your anger at the counterfeiters.

Karel, you keep repeating the same BS over and over. That won't make any more valid.

You are conflating two issues. Nobody is taking away FTDI's right to defend their IP or their rights. But they must do it in a legal manner. A good example of this was the hullabaloo when Fluke had Sparkfun's shipment of dodgy multimeters confiscated for trademark violation. That is the way to handle it, even though still a bit dicky move on Fluke's part - but they have actually shown good will compensated Sparkfun for it, even though they didn't have to do so.

If FTDI were a French company, they would have been roasted by the state for this already, because it is illegal to tamper with someone else's equipment - it is considered sabotage, especially as it is obviously intentional and not just "happens to not work because we don't guarantee compatibility".

It is the same concept as me not being able to simply shoot and kill a thief stealing my bike - I would end in jail for murder, plain and simple. That doesn't mean I have to let the thief steal it but I must use an a proportionate response instead of just blasting a hole in their head.

There is a concept of proportionality in law - your defense cannot cause more harm or harm that would be grossly out of proportion to the possible damage that could happen if there was no defense. So beating that bike thief up in the process would probably be still considered reasonable, taking their life would be not.

In FTDI's case all that it will take is a single accident that could be attributed to FTDI's grossly reckless actions and people will go to jail, regardless of what you are thinking is their right to do. It is just sad that there are actually people around who still don't get this concept.

[0xdeadbeef]

This kind of discussion always gets so emotional. Nobody would have complained if FTDI would implement their drivers and tools in a way that they only work with their own products. That's their right and if they did so from the very beginning, this whole problem would have never existed.
On the other hand bricking ICs (and thus devices) or potentially damaging devices by sending out garbage is a no-go. Even though admittedly the chances that an identified fake chip doesn't have an FTDI logo is about as unlikely as people being killed or injured by the "non genuine" string, the mere fact that both is not 100% impossible should be more than enough reason never to do such a thing. Obviously nobody of us has the juridical knowledge to judge the legal implications exactly, but it must be clear that even potentially damaging other people's property is nothing you can do without at least expecting to get legal trouble.
To talk in pictures as this was done so many times before in this thread: if someone stole your car, you should call the police, but setting his house on fire would be considered a crime in most civilized countries. Now to make the picture even more accurate, this is like setting the house of someone on fire who bought your stolen car unknowingly. Who could claim this was just or reasonable?

[Karel]

Preventing counterfeit chips from working with their (FTDI's) driver and inserting a string "not a genuine chip"
is a logical response. Counterfeit chips shouldn't be produced or imported in the first place.
Aim your anger at the counterfeiters.

Karel, you keep repeating the same BS over and over.

You convinced me with your impressively intelligent reply.

It is the same concept as me not being able to simply shoot and kill a thief stealing my bike ...

I guess you have lost connection with reality. If french people considder that killing a bicycle thief is
the same concept as a softwaredriver that refuses to work with counterfeit chips (chips who shouldn't be produced,
sold or imported in the first place), well, then I'm glad I don't live in France.

[c4757p]

It's a fair analogy, if a bit hyperbolic - in other words, just because somebody does something bad to you, that doesn't mean you get license to do whatever you want to them. All the arguments that FTDI can do this 'because counterfeiters' are missing the point of the argument, which is whether it's a reasonable thing to do at all regardless of why they're doing it.

[Karel]

Sorry, you can't argue a crime away.

Whether or not FTDI has committed a crime still needs to be determined. In the country where I live,
we have legal system with judges for that. So far, I haven't heard about any lawsuit against FTDI.

What we do know for sure is that counterfeiting is a crime (at least in most western countries).
So, aim your anger to the counterfeiters.

[madires]

Sorry, you can't argue a crime away.

Whether or not FTDI has committed a crime still needs to be determined. In the country where I live,
we have legal system with judges for that. So far, I haven't heard about any lawsuit against FTDI.

Then please ask a lawyer in your country! I'm not a lawyer but I got an education in basic law and have been involved in legal topics, some being the contact for law enforcement. For Germany it's StGB §303a and §303b ( http://www.gesetze-im-internet.de/stgb/__303a.html and  http://www.gesetze-im-internet.de/stgb/__303b.html , Google Translate might help). If the broken device would be a medical device, a SCADA system or production machine for example, things would become interesting. But nobody would file a complaint about a cheap gadget (the damage would be too small).

[dannyf]

If the broken device would be a medical device,

What is a "broken device"? Who "broke" it?

[Karel]

Sorry, you can't argue a crime away.

Whether or not FTDI has committed a crime still needs to be determined. In the country where I live,
we have legal system with judges for that. So far, I haven't heard about any lawsuit against FTDI.

Then please ask a lawyer in your country!

The people who claim that FTDI is doing something illegal should do that.
I don't have any problems with FTDI. No need for me to ask a lawyer.

I'm not a lawyer ...

Fortunately, I don't need one anyway.

If the broken device would be a medical device, a SCADA system or production machine for example, things would become interesting.

FTDI's driver has been out for quiet some time now and nothing "interesting" has happened so far.

[miguelvp]

Hmm they committed a crime?

Well, since they are part of the UK and they are part of the EU, then go ahead by all means and report them to the authorities.

Since you are so sure you get a lawyer and take action.

[amyk]

Totally sure. It's a documented errata of the FT232R that was never fixed as far as I can tell, and there is no usable workaround (the workaround in that PDF is total bullshit, because you can't actually feed it data fast enough through USB to keep up with the max bitbang clockrate). The clone chip got it right. The errata PDF actually goes out of its way to be misleading and imply that the bug is fixed in Rev B, while it isn't - of the 3 issues documented, two say "fixed in rev B", but not the timing issue, and the Revision B section says "There are no known new functional issues specific to revision B.". I can confirm that genuine revision C chips are still bugged in bitbang mode. So, two silicon revisions later FTDI still hasn't fixed their broken bitbang mode, while the cloners got it right on the first try (as far as I can tell).

I can imagine the hilarity of someone whose design was based on the clone and worked until they ran into this problem with the new drivers and replaced their chip with a genuine one, only to find that it's now not working like it should...

It's getting interesting. Which chips exactly don't have the FTDI name/logo and do use FTDI's USB VID & PID?
Please show me a link or a Farnell/Mouser/RS Components product number.

Go back a few pages and read my posts... there's the Supereal SR1107/RD232A (likely the bulk of the clones) and Integral IZ232R (bare die). I also referenced this post from the first FTDIgate.

[Karel]

It's getting interesting. Which chips exactly don't have the FTDI name/logo and do use FTDI's USB VID & PID?
Please show me a link or a Farnell/Mouser/RS Components product number.

Go back a few pages and read my posts... there's the Supereal SR1107/RD232A (likely the bulk of the clones) and Integral IZ232R (bare die). I also referenced this post from the first FTDIgate.

I followed your links but I couldn't find any real information about those chips like where I can buy them, and where to find
the datasheet. Can you please provide links with some real useful info?

[madires]

If the broken device would be a medical device,

What is a "broken device"? Who "broke" it?

"Broken device" is a simplification. The act of manipulating data ("NON GENUINE DEVICE FOUND!" instead of what ever is sent) without consensus is a criminal act by itself (§ 303a). Penalty is a fine or up to 2 years jail time. The offender is FTDI with their windows driver sending "NON GENUINE DEVICE FOUND!".

§ 303b is about interfering, modifying or damaging computer based systems which are important to someone else, also includes § 303a. There are three levels of penalties, for private computer systems, for corporate computer systems (includes authorities as well) and for huge damages, cyber criminals and important infractructure. Modifying the USB ID is clearly an illegal modification. Based on what the actual damage is, it could be just a fine (private/corporate) or jail time (up to 3 (private), 5 (corporate) or 10 (huge damage ...) years). The offender is FTDI with the old driver modifying the USB ID. Or with the new one sending "NON GENUINE DEVICE FOUND!" in case that the manipulation interferes with a computer system which is important to the victim.

[miguelvp]

Since you are in the EU, then report them, let us know how that went.

[madires]

Hmm they committed a crime?

Well, since they are part of the UK and they are part of the EU, then go ahead by all means and report them to the authorities.

Since you are so sure you get a lawyer and take action.

I'm out. Can't argue about law with people without a basic understanding of law. Silly me.

Just a small hint: please read about "Strafanzeige" and "Strafantrag" and maybe you'll understand.

[madsci1016]

"Broken device" is a simplification. The act of manipulating data ("NON GENUINE DEVICE FOUND!" instead of what ever is sent) without consensus is a criminal act by itself (§ 303a). Penalty is a fine or up to 2 years jail time. The offender is FTDI with their windows driver sending "NON GENUINE DEVICE FOUND!".

§ 303b is about interfering, modifying or damaging computer based systems which are important to someone else, also includes § 303a. There are three levels of penalties, for private computer systems, for corporate computer systems (includes authorities as well) and for huge damages, cyber criminals and important infractructure. Modifying the USB ID is clearly an illegal modification. Based on what the actual damage is, it could be just a fine (private/corporate) or jail time (up to 3 (private), 5 (corporate) or 10 (huge damage ...) years). The offender is FTDI with the old driver modifying the USB ID. Or with the new one sending "NON GENUINE DEVICE FOUND!" in case that the manipulation interferes with a computer system which is important to the victim.

Lol, All FTDI has to do is say "You were using a piece of software that was never advertised nor intended to work with the hardware you had connected to your system." Whether you installed it yourself or you had your computer configured to install it automatically, both are your responsibility to control.

I mean think of it, setting the precedent that by simply copying a VID:PID makes the original certified owners of that ID suddenly liable for any damage caused by malfunction (intentional or not) due to driver mis-identification is ludicrous. That's the whole point of the VID:PID system, to create unique identifying pairs for software to match hardware. Those that broke that trust system should be liable for any damage.

[miguelvp]

Hmm they committed a crime?

Well, since they are part of the UK and they are part of the EU, then go ahead by all means and report them to the authorities.

Since you are so sure you get a lawyer and take action.

I'm out. Can't argue about law with people without a basic understanding of law. Silly me.

Since you are such an expert in law and you seen a company committing a crime as you said. Then as an EU citizen you should report them. I don't claim to have intrinsic knowledge of EU law at all, but you do make such claims.

Not reporting a crime is as bad as committing one, right?

[miguelvp]

Just a small hint: please read about "Strafanzeige" and "Strafantrag" and maybe you'll understand.

Does that mean that you want us to report it for you? I have no beef with FTDI at all.