Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: FTDI admits to bricking innocent users' chips in silent update

25 Oct 2014   #1
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 
FTDI admits to bricking innocent users' chips in silent update

Quote:
In a move that has surprised and angered security researchers, chip maker FTDI has admitted to issuing a silent update that bricks cloned FTDI FT232 [USB to UART] chips.
Quote:
Hardware hackers and security researchers are furious at chip maker FTDI for issuing a silent update that bricks cloned FTDI FT232 [USB to UART] chips.

The chip is extremely common on a wide variety of devices and there is no way of knowing at this time which devices have cloned chips -- and the tainted supply chain could hit anyone.

FTDI appears to have used a recent Windows update to deliver the driver update to brick all cloned FTDI FT232s.

FTDI's surprise new driver reprograms the USB PID to 0, killing the chips instantly.
FTDI admits to bricking innocent users' chips in silent update | ZDNet


My System SpecsSystem Spec
.
25 Oct 2014   #2
NoN

Windows 7 Professional SP1 - x64 [Non-UEFI Boot]
 
 

Looks FTDI provide an utility to be able to flash those chip without brick them all by manually changing the PID.

FTDI Utility
My System SpecsSystem Spec
25 Oct 2014   #3
lehnerus2000

W7 Ultimate SP1, LM18 MATE, W10IP VM, W10 Home, #All 64 bit
 
 

I hope they get sued.

I'd be sent to prison if I:
  • Went to someone's house and smashed their stuff
  • Sent out malware and it was tracked back to me
My System SpecsSystem Spec
.

25 Oct 2014   #4
HerrKaLeun

W7 Pro 64
 
 

They didn't "brick" the chip, their new driver just doesn't' support it. This is reversible by installing older driver.

And the chip wasn't made by FTDI, why would they have to be required to support it? If you buy a fake Apple product, can you bring it in to the Apple store and get it repaired under warranty and serviced?

The end consumers are the pawns and FTDI could have been nicer to them.... but the end consumer can take his product to where it was purchased and complain there. If the end-user inadvertently buys a fake copy of windows, it also will get disabled. If someone buys fake tickets for a concert, he also gets turned down at the entrance. Sad and not fair... but why would the original OEM have to honor a pirated product?

This driver is clearly for FTDI chips and the EULA stated so. IF it is applied to a fake product, why should FTDI be required to make it work with fake products?
My System SpecsSystem Spec
26 Oct 2014   #5
lehnerus2000

W7 Ultimate SP1, LM18 MATE, W10IP VM, W10 Home, #All 64 bit
 
 

Quote   Quote: Originally Posted by HerrKaLeun View Post
They didn't "brick" the chip, their new driver just doesn't' support it. This is reversible by installing older driver.
I keep backups of all my installers (driver & program) because companies have a proven track record of releasing dodgy and/or worthless updates.

How many ordinary users keep backup installers?

Quote   Quote: Originally Posted by HerrKaLeun View Post
This driver is clearly for FTDI chips and the EULA stated so. IF it is applied to a fake product, why should FTDI be required to make it work with fake products?
They don't.

Quote:
Hardware hackers and security researchers are furious at chip maker FTDI for issuing a silent update that bricks cloned FTDI FT232 [USB to UART] chips.

The chip is extremely common on a wide variety of devices and there is no way of knowing at this time which devices have cloned chips -- and the tainted supply chain could hit anyone.
However it seems they made no mention of the fact that the update could cause problems (especially for those who have unapproved chips).

Are you suggesting that everyone who had a fake chip deliberately bought the fake version?
My System SpecsSystem Spec
26 Oct 2014   #6
HerrKaLeun

W7 Pro 64
 
 

Quote   Quote: Originally Posted by lehnerus2000 View Post
However it seems they made no mention of the fact that the update could cause problems (especially for those who have unapproved chips).

Are you suggesting that everyone who had a fake chip deliberately bought the fake version?
the EULA stated that fake chips are not supported and that should go without saying anyway. If someone in China makes a fake ford Taurus, can you expect Ford (and possibly sue) ford if the original ford parts don't work in the clone? i never read the EULA, but don't expect an Intel driver to work on a product not made by Intel.

the consumer and possibly the board manufacturer are innocent in this. I don't think anyone deliberately installed fake chips. but the consumer can go to the board manufacturer and get a new board witch real chip. and the board manufacturer can sue his suppliers and improve QM.

I feel sorry for anyone affected, and this wasn't a good publicity move for FTDI. Because now manufacturers may not use them knowing chips may or may not be fake. Ultimately the publicity is bad for board manufacturers. no consumer knows who made the chips. but they buy a board from MSI, Asus or whoever that failed.
My System SpecsSystem Spec
26 Oct 2014   #7
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

The board manufactures know exactly where they got the chip. It's the board manufacture duty to make sure that everything on their board are legal and not counterfeit. They bought Cing Dong Dings chip because it was cheaper and didn't care if it was counterfeit.

My thoughts.
Layback Bear
My System SpecsSystem Spec
26 Oct 2014   #8
lehnerus2000

W7 Ultimate SP1, LM18 MATE, W10IP VM, W10 Home, #All 64 bit
 
 

Quote   Quote: Originally Posted by HerrKaLeun View Post
the EULA stated that fake chips are not supported and that should go without saying anyway. If someone in China makes a fake ford Taurus, can you expect Ford (and possibly sue) ford if the original ford parts don't work in the clone?
Car analogies don't seem to work properly for software.

If you took your Fake Ford Taurus to Ford they would tell you it was a fake (and charge you to fix it).

Ford doesn't go to peoples' houses and "clamp" fake Ford Tauruses (I've never heard of it happening here).
I also doubt that they'd beam an update into the fake Ford Taurus, which just so happens to "accidentally" disable it.

IT companies have a proven track record in dubious behaviour.
Actually they are just like the car companies.

Quote   Quote: Originally Posted by Layback Bear View Post
The board manufactures know exactly where they got the chip. It's the board manufacture duty to make sure that everything on their board are legal and not counterfeit. They bought Cing Dong Dings chip because it was cheaper and didn't care if it was counterfeit.
In that case, it might be possible for someone to start a class action lawsuit.
My System SpecsSystem Spec
26 Oct 2014   #9
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

A class action lawsuit against a Chinese company will never happen. It would be a waste of time and money. I don't believe the Chinese government will allow it. A major amount of the Chinese
economy is counterfeiting and they surly don't want to step on their own toes.
My System SpecsSystem Spec
26 Oct 2014   #10
HerrKaLeun

W7 Pro 64
 
 

Quote   Quote: Originally Posted by lehnerus2000 View Post
Car analogies don't seem to work properly for software.

If you took your Fake Ford Taurus to Ford they would tell you it was a fake (and charge you to fix it).

Ford doesn't go to peoples' houses and "clamp" fake Ford Tauruses (I've never heard of it happening here).
I also doubt that they'd beam an update into the fake Ford Taurus, which just so happens to "accidentally" disable it.
FTDI didn't force anyone to install the update. The user actively installed it (by downloading from manufacturer website or by automatic installation via MS). It sounds like it was an update to a driver where the user had to "accept" the EULA. FTDi didn't hack into computers to install the update.

If people want the convenience of automatic updates, then the user chose comfort over safety/security.
My System SpecsSystem Spec
Reply

 FTDI admits to bricking innocent users' chips in silent update




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Firefox 10 Download Available. Silent Update In The Package
Read More at : Firefox 10 Download Available. Silent Update In The Package. - CrazyEngineers Download Firefox 10
Browsers & Mail
Silent Hill: Book of Memories-just another Silent Hill w/ Multi Player
Another new Silent Hill game will be release even though im not yet finished with my Homecoming and i do not have yet a copy of Silent Hill Downpour. Im still a fan of it :D Here is the new up coming Silent Hill: Book of Memories game: A portable entry in the horror franchise, Silent Hill:...
Gaming
Firefox Keeping Rapid Release, But Adding Silent Update Option
Read more at: Maximum PC | Firefox Keeping Rapid Release, But Adding Silent Update Option For Irritated Users
News
MSE harasses an innocent little program
I have a small video editing program (Machete) that has been running very well since 15 months. All of a sudden MSE decides to harass it throwing the full power of the msmpeng.exe at it using 98% of the CPU for 3 to 4 minutes when I launch that program. I solved the problem by setting the poor...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:52.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App