This is a bit esoteric but worth spreading around. There is a part used for linking USB ports to some pieces of electronics. I have a bunch of these for my ham radios, a scanner, a piece of music equipment and some single-board computer kits.
The company is Future Technology Devices International and the device number is FT232 (PDF). Because it is widely used, it is widely counterfeited. FTDI found a way to 'brick' the counterfeit units and persuaded Microsoft to roll this updated driver into their usual Windows Update. Needless to say, this renders the counterfeit device useless.
FTDI is doing nothing to harm the counterfeiters and doing everything to hurt the end user. There is a way to un-brick the device but it is no longer operable under Windows.
From the Ars Technica:
Windows Update drivers bricking USB serial chips beloved of hardware hackers
Hardware hackers building interactive gadgets based on the Arduino microcontrollers are finding that a recent driver update that Microsoft deployed over Windows Update has bricked some of their hardware, leaving it inaccessible to most software both on Windows and Linux. This came to us via hardware hacking site Hack A Day.
The driver in question is for a line of USB-to-serial chips designed by Scottish firm FTDI. FTDI's chips are incredibly popular in this space, as just about every microcontroller and embedded device out there can communicate over a serial port. But this popularity has a downside; there's a vast number of knock-off chips in the wild that appear to be made by FTDI, but in fact aren't.
FTDI develops drivers for its chips. The drivers can be obtained directly from FTDI, or they can be downloaded by Windows automatically, through Windows Update. This latter feature is a great convenience for most people, as it enables plug-and-play operation. The latest version of FTDI's driver, released in August, contains some new language in its EULA and a feature that has caught people off-guard: it reprograms counterfeit chips rendering them largely unusable, and its license notes that:
Use of the Software as a driver for, or installation of the Software onto, a component that is not a Genuine FTDI Component, including without limitation counterfeit components, MAY IRRETRIEVABLY DAMAGE THAT COMPONENT
The license is tucked away inside the driver files; normally nobody would ever see this unless they were explicitly looking for it.
The result of this is that well-meaning hardware developers updated their systems through Windows Update and then found that the serial controllers they used stopped working. Worse, it's not simply that the drivers refuse to work with the chips; the chips also stopped working with Linux systems. This has happened even to developers who thought that they had bought legitimate FTDI parts. It can be difficult to tell, and stories of OEMs and ODMs quietly ignoring design specs and using knock-offs instead of official parts are not uncommon. As such, even hardware that was designed and specified as using proper FTDI chips could be affected.
There is an in-depth tear-down of the real and the counterfeit chip at Zepto Blog
An analysis of the software can be found at the EEVblog Electronics Community Forum
Leave a comment