Fake parts, is this too far?

Discussion in 'General Electronics Chat' started by nsaspook, Oct 24, 2014.

  1. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
    http://arstechnica.com/information-...usb-serial-chips-beloved-of-hardware-hackers/
    IMO a company has gone too far when it reprograms a detected 'fake' chip' to never work again.
     
  2. tshuck

    Well-Known Member

    Oct 18, 2012
    3,531
    675
    Agreed! They have no right to actively damage your property just because someone else ripped them off.

    I read that they rolled back these drivers, though, and are going to release a normal, non-bricking driver sometime next week.
     
  3. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
    So, is the 'new' driver going to unbrick chips it killed before? I would not like to be in the FTDI legal dept. today as this has Class Action Lawsuit written all on it.

    If Windows reformatted a users HD or re-flashed the Bios to all zeros if it detected a pirate copy the company would be out of business tomorrow.
     
    Last edited: Oct 24, 2014
  4. takao21203

    Distinguished Member

    Apr 28, 2012
    3,577
    463
    Guess what these "intelligent" softwares do- they brick it when they "think" something is wrong.
     
  5. joeyd999

    AAC Fanatic!

    Jun 6, 2011
    2,673
    2,712
    Let me play devil's advocate:

    If you knowingly or unknowingly receive stolen property, do consider it your right to call it yours?

    FTDI paid for it's vendor ID. Anyone who clones their ID is committing theft, and those who purchase the parts are, in fact, receiving stolen property.

    The way to avoid counterfeits (and to continue to receive support from the chip manufacturer), is to purchase the chips from approved distributors. If hardware suppliers are not doing this (most likely, to reduce cost), and passing counterfeit material to their customers, they are ultimately responsible to the customer, not FTDI.

    The customers *must* hold those vendors responsible.
     
  6. takao21203

    Distinguished Member

    Apr 28, 2012
    3,577
    463
    "Sorry your Goodyear tires are not genuine- detaching them right now, buy better ones".
     
  7. tshuck

    Well-Known Member

    Oct 18, 2012
    3,531
    675
    No, unfortunately, the driver rewrites locations in the memory of the counterfeits and sets their enumeration values to 0 in the the EEPROM, effectively ensuring the devices will never work again, unless you reprogram them and change it back.
     
  8. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
    Does the owner of this 'stolen property' have the right to break into your house and smash the stolen property with a hammer because a EULA says he can 'IRRETRIEVABLY DAMAGE' that possibility stolen property?
     
  9. tshuck

    Well-Known Member

    Oct 18, 2012
    3,531
    675
    How are unsuspecting consumers (who are not informed of their counterfeit parts) liable when a third party sells them "the same thing"?

    Either way, does the fact that they aren't using the FTDI hardware give them the right to knowingly reprogram your hardware to fail?

    By that logic, Apple can simply destroy/brick any device that doesn't support a partially eaten apple on the case on the ground that "everyone copied them on everything" and are, therefore counterfeit.

    If FTDI were to simply make it so the driver doesn't acknowledge the counterfeits, fine, that's their prerogative, but when they maliciously damage hardware, that's cruising the line.
     
    BMorse likes this.
  10. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
  11. tshuck

    Well-Known Member

    Oct 18, 2012
    3,531
    675
  12. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
    Right, I won't change the driver to handle the bad device descriptor but just reprogram the 'fake' chip.
    This should fix the device descriptor so another driver can be used.
     
  13. joeyd999

    AAC Fanatic!

    Jun 6, 2011
    2,673
    2,712
    Like I said, devil's advocate. But, let me take a whack at your questions:

    How a person receives stolen property is irrelevant -- they cannot claim any rights to it regardless of whether they were aware or not that it was stolen, and regardless of whether or not they paid for it.

    This is tantamount to "taking the law in you own hands". For example, if I break into my neighbors house to retrieve the lawn mower he "borrowed" without my knowledge, I'm probably going to jail. Usually, you try to let the law recover your property for you.

    OTOH, in this case, we are talking intellectual property and code -- some of the rules are different. They are not physically damaging the material, just reprogramming it. I don't know how far they can get with this legal defense (and probably others), but you can bet this was run through some very expensive lawyers prior to implementation. My guess is they got their I's dotted and the T's crossed. Evidence of this is that they updated their EULA, which is, in fact a legally binding agreement whether the customer reads it or not.

    Please elaborate. I don't understand your point. To be clear, we are talking about a Vendor ID and driver code that FTDI legally owns.

    Of course you meant "crossing" the line, and I don't know. The parts have been programmed with a vendor ID that legally belongs to FTDI. The agreement between FTDI and the agency that sold them the ID may, in fact, indicate that they wide latitude wrt to anything they wish to do with hardware that contains their ID.

    I don't have enough information to commit to either side of the fence. But, ask yourself: Why are the chip vendors cloning FTDI's ID (and, in fact, breaking the law), and why are the hardware vendors not using genuine FTDI parts (if they intend their products to use the FTDI driver)? I see lots of blame to spread.
     
  14. tshuck

    Well-Known Member

    Oct 18, 2012
    3,531
    675
    Good point. That would work while you roll back the driver...
     
  15. NorthGuy

    Active Member

    Jun 28, 2014
    603
    121
    That is all true about IDs. The problem is that Microsoft has a built-in driver for these IDs. If you purchase your own IDs (which are quite cheap) you don't get the benefit of the built-in driver. So, in order to get to use their built-in driver, you must copy their IDs.

    One could argue that the driver is developed by FDTI and consitutes their intellectual property. But people use this driver not because it is good or innovative, but simply because Microsoft has included it with Windows. It is not hard to develop your own driver, but it won't give you the same benefit.
     
  16. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
    Statement from FTDI

    http://www.ftdichipblog.com/?p=1053
    Bottom line, it's a move that's bad for business even of the lawyers think it was OK.
     
  17. joeyd999

    AAC Fanatic!

    Jun 6, 2011
    2,673
    2,712
    No need to argue. The driver belongs to FDTI, and, along with the cost of the ID, represents a real expense to develop and maintain. The counterfeiters are getting a free, unearned ride. That is why they are cloning the FDTI vendor ID.

    I develop products, some which are cloned by the Chinese. They are *exact* knock-offs, at least from appearance (though performance is invariably awful). It is highly expensive (and mostly ineffective) to try to get an injunction against these companies. They'll just close up shop and start up again with a new name and carry on. It's like playing whack-a-mole. Some choose to go after the customers who support the counterfeiters with their purchases, especially wrt product imported into the US. It's far more effective, and less expensive, than going after the source.
     
  18. gerty

    AAC Fanatic!

    Aug 30, 2007
    1,153
    304
    While, not exactly the same, I have run into a similar problem. Some Motorola dealers are programming passwords into customers radios, without their consent. I do some work in emergency services as a Rescue EMT, and as a Constable. People bring me their radios for reprogramming, I can do Vertex but not Motorola, so they come to see if I can help anyways. Years ago if a customer or dealer forgot the password, you could use a hex editor and bypass the password window and either reset it or delete it.
    Now, if you try that it'll brick your radio, and if it's bricked it must go back to depot. You have to pay the dealer to reprogram or send it to Motorola depot. Where a lot of problems arise is when a unsuspecting fire dept/rescue squad sells their old radios, not being aware of the password issue, on Ebay for example, the buyer is SOL.
    Then someone must pay for the depot charges to get them cleared. I have seen this first hand with at least 3 agencies, none of which authorized a password. Most of them didn't even know a password was an option. One fire dept Chief called the dealer and asked for the password, he was told he wasn't going to get it and there was nothing he could do to make him.
    In that particular case, the radios were purchased on a grant and programming was part of the deal. The local dealer had nothing to do with the radios until the county hired him to narrowband all the county radios. That's when he put the passwords on, Sheriffs dept too..
    Sheriff went to the county executive (mayor) and asked if he was the one who requested a password, since they paid for the narrowbanding, and he knew nothing about it. I see a lawsuit in that dealers future.
     
  19. joeyd999

    AAC Fanatic!

    Jun 6, 2011
    2,673
    2,712
    I'd like to also point out that the counterfeiters are likely selling their parts at a price well below true market value. This has the direct result of a) substantially reducing the quantity from that which FDTI would otherwise ship, and b) decreasing the margins for the chips they do ship. This hurts FDTI's bottom line, but also hurts the consumer: they will be less likely to invest in useful technology that is easily cloned in the future and/or they will raise prices on uncloned parts to make up the difference.

    I've no problem with cut-throat competition (which is invariably good for the consumer). Cloning ID's and labeling chips with FDTI's trademarks is downright unacceptable and, if I may say, evil. If someone else wants to make their own chips, they should purchase their own ID's, develop their own drivers (or utilize open-source drivers), and use their own trademarks.
     
  20. nsaspook

    Thread Starter AAC Fanatic!

    Aug 27, 2009
    2,906
    2,158
    USB VID/PIDs are not covered by copyright law/IP rights, it only allows you to use the official USB logo/trademarks on products. Labeling chips with FDTI's trademarks and selling them as FDTI is wrong.
    Sabotage tactics on cloned or faked products usually end up biting you on the backside.

    I remember a few years ago when Intel tried a similar sabotage tactic with 'clones', it backfired.
    http://www.cnet.com/news/intel-ftc-settle-antitrust-case/
     
Loading...