FTDI admits to bricking innocent users' chips in silent update

HerrKaLeun said:

FTDI didn't force anyone to install the update. The user actively installed it (by downloading from manufacturer website or by automatic installation....

Read that again......slowly. Then tell me how that makes sense that the user would be at fault.


And every user should be using automatic updates, security updates need to be applied as quickly as possible. The average user needs that or they would be lost and confused.

Think about the average user here, not the techy. They can barely find control panel-much less understand what updates are. To them updates are the annoying thing that takes forever when they shut down or turn on my computer.

Layback Bear said:

The board manufactures know exactly where they got the chip. It's the board manufacture duty to make sure that everything on their board are legal and not counterfeit. They bought Cing Dong Dings chip because it was cheaper and didn't care if it was counterfeit.

My thoughts.
Layback Bear

+1

Layback Bear said:

A class action lawsuit against a Chinese company will never happen. It would be a waste of time and money. I don't believe the Chinese government will allow it. A major amount of the Chinese economy is counterfeiting and they surly don't want to step on their own toes.

Obviously you'd have almost no chance of getting compensation from the Chinese.
You guys in the US would have more chance than we would here in Australia.

However somewhere in the supply chain, someone in the US, transferred these devices to US consumers (it would probably be the retailer level).
With all the whining about IP theft, surely it is illegal to sell products that violate IP laws?

Even if they get off using the "we didn't knowingly break the law" defence that will leave the angry customers.

Customers might be so upset that they do things like:

• Never update their PCs again
• Actively engage in IP theft to, "stick it to the Man."

These sort of incidents undermine confidence in the "System".

In this case:

• IT (updates)
• Retail
• IP law

HerrKaLeun said:

If people want the convenience of automatic updates, then the user chose comfort over safety/security.

I suspect that:

• The PCs of most ordinary users are either set to "Never Update" or "Automatically Update"
• The users are not even aware that the settings can be changed

HerrKaLeun said:

You can separate security from driver updates in MS update. Drivers are "optional"

Don't look at me. You said automatic install.

A driver update published in Windows Update has resulted in counterfeit chips used in finished products being left inoperable. After a public outcry, the update was removed from Windows Update.

Scottish design firm Future Technology Devices International (FTDI) pushed an updated driver for automated installation in Windows Update for devices that use the FT232 chipset, which converts RS-232 (specifically, UART) to USB. The driver update leaves devices that use counterfeit FTDI chips in an unusable state. After a public outcry, the update was pulled from Windows Update, but a great deal of damage had already been done.

Buried in the INF file of the latest drivers, the comments warn "Use of the Software as a driver for, or installation of the Software onto, a component that is not a Genuine FTDI Component, including without limitation counterfeit components, MAY IRRETRIEVABLY DAMAGE THAT COMPONENT." Naturally, as the driver is installed using Windows Update, this notice is not presented to the user prior to installation.

FTDI uses Windows Update to disable devices using counterfeit chips - TechRepublic

After thoroughly reading the topic, I agree with the post above.

Yes, it was a move that generated FTDI bad press. Yes, they were wrong to have it as a silent install and give users absolutely no clear indication or warning. Yes, it was totally intentional.

But are they at fault? Most certainly not.

They protected their product against counterfeits, that's all there is to it. Where the chip came from and how it ended up in there doesn't matter one bit; I'm not saying it's the user's fault, or anyone elses - the blame is solely on those who manufactured the counterfeit chip.

It's not fair, but it's reality.

oneeyed said:

Even then, I'm not so sure we should blame FTDI. If manufacturers used tricks such as this much more often, then maybe the clones would have a harder time being accepted on boards in the first place.

+1

oneeyed said:

Even then, I'm not so sure we should blame FTDI. If manufacturers used tricks such as this much more often, then maybe the clones would have a harder time being accepted on boards in the first place.

Gornot said:

They protected their product against counterfeits, that's all there is to it. Where the chip came from and how it ended up in there doesn't matter one bit; I'm not saying it's the user's fault, or anyone elses - the blame is solely on those who manufactured the counterfeit chip.

It's not fair, but it's reality.

The trouble is that this will lead consumers to conclude that updates are bad.

Their response will be to never update their machines, which will probably lead to an increase in botnets.

One of my friends refuses to install an AV program because "it will slow his machine down."
I can't even convince him to use the free version of Malwarebytes (which only runs if it is told to).

lehnerus2000 said:

oneeyed said:

Even then, I'm not so sure we should blame FTDI. If manufacturers used tricks such as this much more often, then maybe the clones would have a harder time being accepted on boards in the first place.

Gornot said:

They protected their product against counterfeits, that's all there is to it. Where the chip came from and how it ended up in there doesn't matter one bit; I'm not saying it's the user's fault, or anyone elses - the blame is solely on those who manufactured the counterfeit chip.

It's not fair, but it's reality.

The trouble is that this will lead consumers to conclude that updates are bad.

Their response will be to never update their machines, which will probably lead to an increase in botnets.

One of my friends refuses to install an AV program because "it will slow his machine down."
I can't even convince him to use the free version of Malwarebytes (which only runs if it is told to).

I cannot stand people like that. They are the reason malware and botnets spread more. ugh