Friday, October 24, 2014

FTDI: The Clone Wars

I saw an article on Hackaday that talked about an FTDI driver update on Windows that purposefully set the PID of the device to 0 on fake or 'cloned' FTDI chips. I've also seen a bit of confusion on this topic, so I'd like to clarify a few points.

First, what is FTDI? Basically, this company makes products that allow microcontrollers to communicate with a USB host, like your computer. They make drivers, hardware, and, most importantly here, chips.

1) Many people aren't aware if they even have a fake

One of the first arguments that I saw was in regards to how users should be punished for using a fake chip. Most of the people using these products are using end products, or products that are made using these chips. It's much easier for someone to include an FTDI chip with their device than to go through all of the trouble and cost of getting their own Vendor and Product ID. So, some devices have these chips in them without their users ever really knowing. This means that if the vendor accidentally or intentionally used a fake chip, then some end consumer could have a device break and have absolutely no idea why. It would literally just stop connecting to the computer.

2) This isn't a user mistake

The second most common argument that I'm seeing is asking why on earth any user would expect FTDI firmware to work on a non-FTDI chip. One person compared it to trying to sue Sony when your Sony TV knockoff stopped working. But the user didn't re-flash their chip and mess up by getting the wrong firmware version, or by putting it on a device it was never intended for. In fact, what updated silently and without warning was the FTDI driver on the host side. The FTDI driver itself checked if the chip connected to it was fake, and if so, it rendered it useless by changing the Product ID to 0.


3) This was intentional

Many people don't seem to understand how this could be intentional. One commenter on the Hackaday article asked how they could be expected to support all of the clones. It's not that they tried a new feature that only worked on the real ones but not the clones. They essentially initiated a challenge-response protocol. They gave the chip some data or some set of data. The official ones would return one thing, the fakes another. After the fakes were identified, they were dealt with with extreme prejudice.

How does it work?

The FTDI device essentially makes a serial port through its driver. A USB device has several layers to go through. The first of these is the device descriptor. The descriptor has a lot of information on how to go through the layers, but most importantly, it has a vendor ID and a product ID. The vendor ID is unique to the vendor, and the product ID is unique to the particular product or chip. This attack sets the product ID to 0, which makes Windows fail to acknowledge its existence. A product or vendor ID of 0 is considered invalid, so the device will no longer be recognized by the computer, much less the drivers.
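To make the descriptor check concrete, here is an added example (not from the original post or from FTDI) that parses the standard 18-byte USB device descriptor and flags the zero-PID state described above. It assumes FTDI's vendor ID is 0x0403 and uses 0x6001 as the PID of a working part; both descriptors are constructed samples, and the function names are hypothetical.

```python
import struct

# Standard 18-byte USB device descriptor, little-endian fields.
DEVICE_DESC = struct.Struct("<BBHBBBBHHHBBBB")
FTDI_VID = 0x0403  # assumption: FTDI's USB vendor ID (not stated in the post)


def parse_device_descriptor(raw: bytes) -> dict:
    """Decode the device descriptor and return the fields that identify the device."""
    if len(raw) < DEVICE_DESC.size:
        raise ValueError("device descriptor must be at least 18 bytes")
    f = DEVICE_DESC.unpack_from(raw)
    if f[0] != DEVICE_DESC.size or f[1] != 0x01:  # bLength, bDescriptorType
        raise ValueError("not a USB device descriptor")
    return {"bcdUSB": f[2], "idVendor": f[7], "idProduct": f[8], "bcdDevice": f[9]}


def classify(desc: dict) -> str:
    """Flag the state described in the post: an ID of 0 is invalid to the host."""
    vid, pid = desc["idVendor"], desc["idProduct"]
    if vid == FTDI_VID and pid == 0:
        return "ftdi-vid-zero-pid"  # consistent with a chip whose PID was set to 0
    if vid == 0 or pid == 0:
        return "invalid-id"
    return "ok"


def make_descriptor(vid: int, pid: int) -> bytes:
    """Build a constructed sample descriptor (USB 2.0, class 0, 8-byte EP0)."""
    return DEVICE_DESC.pack(18, 0x01, 0x0200, 0, 0, 0, 8, vid, pid, 0x0600, 1, 2, 3, 1)


# Constructed samples: 0x6001 is used here as the PID of a working FTDI part.
SAMPLES = {
    "working": make_descriptor(FTDI_VID, 0x6001),
    "zeroed": make_descriptor(FTDI_VID, 0x0000),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        d = parse_device_descriptor(raw)
        print(f"{name}: {d['idVendor']:04x}:{d['idProduct']:04x} -> {classify(d)}")
```

The same classification can be applied to descriptors read from a real bus, which lets an inventory script tell an affected adapter apart from one that is simply unplugged.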


I hope I've cleared up a little bit regarding this issue. My opinion is that it might have been better to give a small alert to users letting them know that their chips are fake. I don't think it was within their rights to destroy people's products, mostly because they were not aware they were using a fake chip. However, even if they did know they were using a fake, I still don't think that they should have morally done that. As far as market share goes, it might be a good decision, it might not be. The answer to that will lie in whether people keep buying their products after this.