FTDI driver kills fake FTDI FT232s

342 points by stoey, over 10 years ago

42 comments

Someone1234, over 10 years ago
Microsoft should revoke the driver's signature via their next CRL update, so that it refuses to install (effectively making the drivers unsigned). It is acting maliciously and will break consumers' hardware, even hardware which doesn't contain any FTDI chips.

If FTDI have an issue with a company ripping off their IP then go sue that company. But what they're doing is catching consumers in the firing line, who will wind up with multiple dead USB devices. There's no reasonable way a consumer can know they are buying something with a fake chip and this could kill devices years old, which will be outside of warranty.

I am totally serious that Microsoft should step in. FTDI's driver is so defective that it is literally killing hardware, if they won't step in for this then what will they step in for?
amckenna, over 10 years ago
If anyone is curious what a real vs fake FTDI chip looks like under the hood (de-capped chip) this is a great analysis and some beautiful pictures.

http://zeptobars.ru/en/read/FTDI-FT232RL-real-vs-fake-supereal

Excerpt:

"What's the economic reason of making software fake of well-known chip instead of making new one under your own name? This way they don't need to buy USB VID, sign drivers in Microsoft, no expenses on advertisement. This fake chip will be used right away in numerous mass-manufactured products. New chip will require designing new products (or revisions) - so sales ramp up will happen only 2-3 years later. Die manufacturing cost is roughly the same for both dies (~10-15 cents)."
0x0, over 10 years ago
I hope this causes a major and publicly visible malfunction in some important device/installation/machinery, of course with no harm done to any persons, but enough of an embarrassment to really set an example, so no vendor will think of pulling tricks like these in the future.

Takeaway lesson: End users should never touch anything remotely FTDI-like, since it's probably impossible to verify if the device is genuine or not. Wonder if FTDI thought this through.
JackC, over 10 years ago
It's interesting to consider from a legal perspective exactly why this *isn't* something a company is allowed to do. (Assuming the company did in fact intentionally damage people's chips, reversibly or not -- sounds like we don't know for sure yet?)

- Intentionally sabotaging someone's stuff, legally, is more or less the same as intentionally taking it. Keying a car and driving it away might have different names but are on the same scale.

- There ain't no self help. If you think someone else's stuff should actually be your stuff, your path is through a court.

- We don't fix things with injunctive relief that can be fixed with money. When Apple proves that Samsung violated a patent or vice versa, we don't collect and burn all the infringing phones, we just make someone cut a check. Because we are not idiots.

- The "someone" who cuts the check is Samsung or Apple, not their customers. As far as I know no one's managed to go after end users, even in extreme cases like a $10 designer handbag where the buyer obviously knows it's not real. (And it's at best unclear whether going after the buyers would make any sense, even in those extreme cases -- if someone pays knockoff prices for a knockoff product, it's the seller and not the buyer who has ill-gotten gains. There might be some additional reputation damage and lost profits that the buyer is complicit in, but it makes a lot more sense to me -- and apparently everyone else -- to make the seller pay for those as well.)

- When you *do* go after the seller of trademarked goods and want to seize those goods, we actually have a procedure for that -- Section 34 of the Lanham Act.[1] Which includes a whole bunch of protections like swearing out an affidavit, getting permission from a judge, informing the attorney general, posting a bond to cover damages, conducting the seizure through government agents, and keeping the seized items in the custody of the court. It's very much unlike showing up at someone's house and breaking their stuff.

(I am a lawyer; I am not a trademark lawyer; I just googled some stuff based on vague memories from law school to write this.)

[1] http://www.bitlaw.com/source/15usc/1116.html
bri3d, over 10 years ago
FTDI have been anti-consumer for years - their last several drivers have introduced intentional instability and Code 10 errors for suspected counterfeit devices.

I think this is totally crappy. I see what they're trying to do (create market incentive for consumers to insist on real FTDI chips) but the reality is that it's just screwing over innocent consumers who buy a device.
duncan_bayne, over 10 years ago
I tried reporting this to Microsoft; their handling of calls to report security vulnerabilities was just horrendous.

=====

Hi,

I've been advised to email this address by 'XXXX' at Microsoft Support.

FTDI is shipping a malware driver for Windows; if it detects what it thinks is a counterfeit device plugged in by USB, it bricks it. Details here:

http://www.eevblog.com/forum/reviews/ftdi-driver-kills-fake-ftdi-ft232/

I've also attempted to report this by phone as suggested by XXXX. I've never experienced such difficulty trying to report a security issue; I'd have expected that you'd have processes in place, but apparently not.

My first attempt was met by a CSR who informed me that he knew of no protocol for reporting security issues, and that he couldn't help me because it wasn't directly affecting my computer. He then hung up on me when I asked to speak to a supervisor.

Second call got me a much more helpful chap, who after conferring with a supervisor, transferred me to professional services. The person I spoke with there said they also didn't have any security reporting protocol, or if they did, he didn't know about it. When I said the issue could affect thousands of devices, he transferred me through to 'corporate'.

I ended up going through an IVR system to an operator, who was no help whatsoever. She was entirely the wrong person to speak to; she was also completely ignorant of any security reporting process, and didn't know who to transfer me to.

Could you please call me on +61 XXX XXX XXX to acknowledge receipt of this report, and to discuss it? Thanks.

=====
SunboX, over 10 years ago
Official response from @FTDIChip: https://twitter.com/mikelectricstuf/status/524917368154492929
swamp40, over 10 years ago
I think FTDI might be shooting themselves in the foot here.

Plugging in a USB is messy, and you will sometimes get an "Unrecognized Device" error, which you simply fix by unplugging and replugging.

I could see a similar hiccup causing their driver to sometimes "brick" a legitimate device.

Then this false positive ripples back to a manufacturer who bought 50,000 of those chips on the last run, and thinks they might all be fake...

It turns everything into a huge mess.

Very poor management decision, and shame on the engineers for implementing it.
tdicola, over 10 years ago
Ouch, something tells me the Arduino, Raspberry Pi, etc. forums are going to be full of people that are confused why they can't talk to their device anymore. IMHO it's pretty bad to target the consumers who probably don't even know or care that there's an FTDI chip in their device. Certainly am not condoning piracy of the chips, but wonder if there's a better way of handling the situation than breaking everyone.
dogecoinbase, over 10 years ago
Hackaday has a good short summary of the situation: http://hackaday.com/2014/10/22/watch-that-windows-update-ftdi-drivers-are-killing-fake-chips/
chrissnell, over 10 years ago
This reminds me of the Sony music CDs that came with a rootkit to prevent theft of their IP:

http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal

There were lawsuits and Sony ended up having to distribute a removal tool.
noonespecial, over 10 years ago
Absolutely everything with an FTDI logo on it in the wild is now suspect.

They didn't preserve their brand with this action, they just destroyed it.
beagle3, over 10 years ago
Does this qualify as a CFAA violation? I think so, and for monetary gain, no less. I would like to hear why the DA that leaned so hard on Swartz wouldn't do the same to FTDI's CEO.
duncan_bayne, over 10 years ago
FTDI's own website says their chips are used on *medical* *devices*:

https://twitter.com/JohnnySoftware/status/525092883125506048

Let's hope that all the manufacturers are 100% certain of their supply chains, from top to bottom. And that there are no bugs in the driver that might cause inadvertent bricking.

Way to go, FTDI.
dmitrygr, over 10 years ago
IF this is on purpose and can be proven so, it is most definitely illegal!
imrehg, over 10 years ago
I'm designing an Arduino-compatible board[1] that is supposed to have an FTDI chip for ease of design. This whole thing makes me reconsider it, what would be the best way to replace it with some other solution? Do I have any real option if I want to stay within the Open Parts Library[2]?

[1]: https://www.hwtrek.com/product_preview/VTZUZV9k
[2]: http://www.seeedstudio.com/wiki/Open_parts_library
cnvogel, over 10 years ago
Here's someone claiming to have found the responsible function in a driver.

PLEASE NOTE: ALL NAMES HAVE BEEN CHOSEN FREELY BY THE PERSON WHO MADE THE SCREENSHOT! So there's no name "BrickCLoneDevices()", it's probably called UpdateEEPromChksum or something like that in the original code, because it looks like that's what it does.

http://www.eevblog.com/forum/reviews/ftdi-driver-kills-fake-ftdi-ft232/msg535270/#msg535270

Assuming that this disassembly/decompiled code indeed is genuine, the interesting thing is explained in the 2nd comment block: A genuine FTDI device seems to be designed such that a write only to the offset that stores the PID is ignored, hence for a genuine part this code will only update the word at offset 62, and that would be matching the functionality to just update the eeprom checksum.

For comparison, here's a random mailing-list post which includes a dump of the 232 eeprom. The VID/PID is stored at word 1 and 2 of the eeprom, something that could be a checksum is down at the word with offset 0x7f (word 0x3f = 63? There's probably an off-by-one here).

http://developer.intra2net.com/mailarchive/html/libftdi/2009/msg00306.html
jjoonathan, over 10 years ago
Does anyone know of good FTDI alternatives? Are there any clone makers that are relatively legit (i.e. they put their actual brand name on the chip, they support drivers, etc)? At $4.50 a pop for bog-standard bit-banging in a day and age where you can get ARM M4 SoCs for $2.75 a pop (n=1 prices) I would think FTDI would have more above-the-table competition than they do.

Is the subterfuge required for illegitimate cloning really that much easier than getting a website, writing docs, and supporting drivers?!
orik, over 10 years ago
Me and my buddy were going to work on a couple of projects last weekend and got bit by this.

The workaround once your chip has been flashed by the new driver is modifying the driver to communicate with devices that have a PID of 0.
Aissen, over 10 years ago
So how does this work? Hector Martin gives us a glimpse:

Commented reverse engineering assembly: https://twitter.com/marcan42/status/525126731431038977

So they are rewriting the USB Product ID in EEPROM, only on "fake" chips, hence the Windows USB driver doesn't recognize the device anymore. It should be reprogrammable using the right tools. (https://twitter.com/marcan42/status/525134266112303104)

What allows them to do things differently on different chips: "Figured out the real/clone FTDI difference: EEPROM is written in 32bit units. Even writes are ignored (buffered), odds write both halves." https://twitter.com/marcan42/status/525194603746426881

And some wisdom:

"For those unfamiliar with embedded engineering: most USB (and other) devices can be bricked if maliciously attacked." "Assume ALL devices are brickable by evil code unless proven otherwise. This isn't news. Most devices make no attempt to protect themselves." (https://twitter.com/marcan42/status/525137221431463937 https://twitter.com/marcan42/status/525137463107272704)
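Added example, not part of the thread or of any commenter's code: a triage check for a raw 128-byte FT232R EEPROM dump, using the layout described in the comments above (VID and PID in words 1 and 2, checksum in the last word) and flagging the "PID of 0" state mentioned by orik. The checksum routine is the one libftdi uses; the function names are hypothetical and the sample images are constructed, with only the ID and checksum words filled in.

```python
import struct

EEPROM_SIZE = 128      # FT232R: 64 little-endian 16-bit words
FTDI_VID = 0x0403      # FTDI's USB vendor ID
FT232R_PID = 0x6001    # stock FT232R product ID


def ftdi_checksum(image: bytes) -> int:
    """Checksum over every word except the last (algorithm as in libftdi)."""
    csum = 0xAAAA
    for (word,) in struct.iter_unpack("<H", image[:-2]):
        csum ^= word
        csum = ((csum << 1) | (csum >> 15)) & 0xFFFF  # 16-bit rotate left by 1
    return csum


def inspect_image(image: bytes) -> dict:
    """Decode VID, PID and checksum from a raw dump and report each finding."""
    if len(image) != EEPROM_SIZE:
        raise ValueError(f"expected {EEPROM_SIZE} bytes, got {len(image)}")
    words = struct.unpack("<64H", image)
    vid, pid, stored = words[1], words[2], words[63]
    return {
        "vid": vid,
        "pid": pid,
        "stock_ids": (vid, pid) == (FTDI_VID, FT232R_PID),
        # The state the thread describes: FTDI VID still present, PID rewritten to 0.
        "pid_zeroed": vid == FTDI_VID and pid == 0x0000,
        # Reported separately: a zeroed PID may or may not come with a valid checksum.
        "checksum_ok": stored == ftdi_checksum(image),
    }


def build_sample(vid: int, pid: int) -> bytes:
    """Constructed test image: word 0 is zero, VID/PID set, checksum appended."""
    body = struct.pack("<3H", 0x0000, vid, pid).ljust(EEPROM_SIZE - 2, b"\x00")
    return body + struct.pack("<H", ftdi_checksum(body + b"\x00\x00"))


if __name__ == "__main__":
    samples = {
        "stock": build_sample(FTDI_VID, FT232R_PID),
        "pid rewritten to 0": build_sample(FTDI_VID, 0x0000),
    }
    for label, image in samples.items():
        r = inspect_image(image)
        print(f"{label}: VID={r['vid']:04x} PID={r['pid']:04x} "
              f"pid_zeroed={r['pid_zeroed']} checksum_ok={r['checksum_ok']}")
```

To use it on a real device, pass in a dump read with an EEPROM tool of your choice; the script only decodes bytes and never talks to hardware.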
Zizzle, over 10 years ago
I foresee an arms race here.

Next gen FTDI clones will work around this driver detection. Next FTDI driver has new detection code.

Iterate until the counterfeit chips are indistinguishable from the real thing via software.
qnaal, over 10 years ago
The real world is a lot like cyberpunk except instead of exciting it's frustrating.
igmac, over 10 years ago
Sounds like a company about to lose very badly in court, and who will shortly have to write out an apology on their cheque book.

Intentionally sabotaging customer equipment will lead to all sorts of data loss and consequential damages issues.

As @Someone1234 said below, FTDI needs to pursue legitimate channels to protect their IP.

Ouch...

Time for the CEO to reach for that third envelope and write to his successor.
cschneid, over 10 years ago
Can somebody give me the background here? What is a FTDI FT232s?

It appears to be a fairly low level USB controller chip? Is this chip (or its ilk) in every kind of usb device? What is the impact of this?

Most of this article dives in with a fair bit of preexisting knowledge - can somebody fill me in?
smilekzs, over 10 years ago
FT232 isn't very stable to begin with. CP210x is a much better alternative from my experience with FT232, PL2303 and CP210x.
ChuckMcM, over 10 years ago
Interesting situation. Given that "drivers" for USB serial ports are now boiler plate, why not just have some Chinese company buy the USB VID code from the USB Consortium and then agree that everyone will make chips that export that?
JasuM, over 10 years ago
I wonder if anti-virus and anti-malware companies will add this to their black lists.
mmagin, over 10 years ago
As mentioned, Prolific's USB serial driver previously dropped support for some counterfeit Prolific chips, albeit not in quite as nasty of a way.
JasuM, over 10 years ago
This seems to be reversible: http://www.reddit.com/r/arduino/comments/2k0i7x/watch_that_windows_update_ftdi_drivers_are/clgviyl
voltagex_, over 10 years ago
If anyone's still reading - here's annotated disassembly: https://pbs.twimg.com/media/B0mf-pmCIAAoPxS.png:large
fn42, over 10 years ago
Thanks for the heads up, this will probably affect us car nerds too (I'm sure my cheapo KWP2000 cable has a fake FT232)
swimfar, over 10 years ago
How is this much different from what is done with other counterfeit goods[1-4]? Is it because they aren't going through legal channels to do it? But these all are counterfeit, so the end result is the same, right? When counterfeit goods are found, they are seized and destroyed. I can see people getting upset about this, but I'm surprised at the unanimous response to it.

[1] Car bodies: http://autoweek.com/article/car-news/mercedes-and-daimler-crush-300sl-gullwing-imposter

[2] Guitars: http://thehub.musiciansfriend.com/bits/feds-seize-over-185-counterfeit-guitars-in-nj

[3] Carrying bags: http://www.hamm.eu/en/aktuelles-und-presse/news/2009/2009-04_Reisenthel_Plagiate.html

[4] Clothing: http://www.nytimes.com/2014/01/31/nyregion/trademark-trumps-charity-so-us-will-destroy-bogus-nfl-jerseys.html?_r=0
andmarios, over 10 years ago
This is one of the many reasons to use Linux and free software on your desktop. :)
mey, over 10 years ago
I haven't gotten into the DIY/Hacker/Arduino stuff but it seems like there would also be plenty of consumer devices that may be impacted that don't have correct supply chain control (or care about the source of their chips).

I wonder if Windows will pull the driver.
swamp40, over 10 years ago
They are getting pummeled on Twitter now, as well.

My guess is an 8am meeting in Glasgow (about 8.5 hours from now), followed by an apology and an updated driver announcement at 10am.
jbagel2, over 10 years ago
I threw together a little util for correcting the PID; you still have to fix the driver yourself, but I put info in the readme. Since most of the issues are on Windows systems, it's a little WPF app.

https://github.com/jbagel2/FIX_BROKEN_FTDI_PID
jhallenworld, over 10 years ago
The real problem here is that USB does not define a standard interface for an RS-232 adapter. Proprietary drivers should never have been required for these. Same deal for Centronics printer adapters.
Aissen, over 10 years ago
Finally! Someone made a proper Linux to guarantee genuine FTDI products:

https://lkml.org/lkml/2014/10/23/129
stuaxo, over 10 years ago
People should be complaining to Microsoft to get these malicious drivers blocked and older non-malicious ones reinstated.
cgtyoder, over 10 years ago
So what are the actual products that are getting bricked? Curious about the end result of all this.
dammitcoetzee, over 10 years ago
FTDI makes fantastic chips though.
rasz_pl, over 10 years ago
Those devices are NOT bricked/broken! They are ABSOLUTELY FINE. You just need to use proper driver straight from the _real_ manufacturer - Supereal Microelectronics (or whatever).

Feel free to ask "Suzhou Supereal Microelectronics" for a working driver for your counterfeit device.