Czy wolisz polską wersję strony elektroda?
Nie, dziękuję Przekieruj mnie tam@ElektrodaBot What is the situation with the FT232 scandal?
‣ The “FT232 scandal” (often called “FTDI-gate”) refers to FTDI’s October 2014 and January 2016 Windows-driver releases that deliberately disabled or corrupted traffic on counterfeit FT232 USB-to-UART bridge ICs.
‣ After a strong backlash, Microsoft withdrew the offending drivers and FTDI replaced them with versions that merely refuse enumeration on non-genuine devices instead of “soft-bricking” them.
‣ As of 2024 there have been no further destructive driver releases; genuine FTDI parts work normally, counterfeits simply fail to load a driver. The incident remains a cautionary tale about supply-chain control, IP protection and user trust.
Historical context
• FT232R/FT232RL became the de-facto USB-to-serial bridge (Arduino boards, industrial gear, USB-RS232 dongles).
• High demand and ~4× cost premium encouraged large-scale cloning. Counterfeits copied FTDI’s VID 0x0403 / PID 0x6001 and even EEPROM map, making them driver-compatible but often electrically marginal.
2014 “bricking” driver (v2.12.00, Windows Update, Oct-2014)
• Detects clone by reading silicon revision & manufacturer string.
• Executes EEPROM write cycle, changing PID from 0x6001 to 0x0000.
• Device enumerates as an invalid VID/PID → OS cannot match any driver → appears dead.
• Change is non-volatile but reversible with low-level tools if you can still talk to the device (Linux + old driver or FT_Prog via FT232H header).
Community reaction
• End-users rather than counterfeiters were punished; many had no idea their boards contained fakes.
• Ethical, legal and even potential DMCA concerns arose about remote modification of privately owned hardware.
• Reputational damage: makers, OEMs and distributors switched to Silicon Labs CP210x, WCH CH340/CH341, Prolific PL2303 and native-USB MCUs.
2016 “NON-GENUINE DEVICE FOUND!” driver
• FTDI tried a softer approach: leave PID intact but inject a warning string into every UART frame, corrupting normal data.
• Still considered hostile → pulled within weeks.
Current driver policy (2.12.36+ / D2XX 1.5x)
• Genuine parts enumerate and operate normally.
• Suspected counterfeits report error code 10 (“device failed to start”) or 0xE000024B in D2XX and do no persistent damage.
• FTDI supplies the FTDIChip-ID and SHA-1 certificate to OEMs for in-field authentication instead of punitive writes.
Market impact & technical fallout
• Dramatic rise of CH340-based Arduino clones and CP2102-based industrial designs.
• Greater scrutiny of firmware-embedded anti-tamper code and of “forced” updates via Windows Update.
• Supply-chain auditing, X-ray decapsulation and electrical-signature tests adopted by Tier-1 distributors.
• No new “FT232-gate” incidents have been reported in 2022-2024 driver releases.
• FTDI’s latest chips (FT232H, FT260, FT4232H) embed unique IDs and optional password-protected EEPROM blocks, allowing authentication without disabling hardware.
• Industry trend is to eliminate external bridges altogether: STM32F-series, RP2040, ESP32-S3, ATmega32U4 feature native USB 2.0 FS.
• Open-source USB stacks (TinyUSB, libopencm3) simplify migration.
• Standards bodies (IPC-1782, SAE AS6171) push traceability and anti-counterfeit test flows.
• EEPROM write cycle that changes PID uses FTDI command 0x91 (“EEPROM Write Enable”) followed by block write; counterfeits often lacked correct write-protection fuse, so driver exploit worked.
• Recovery:
ftdi_eeprom --device d:0403:0000 --manufacturer FTDI --product "FT232R USB UART" --pid 0x6001 --flash-eeprom. • Remote modification of user hardware without consent borders on “unauthorised access” in several jurisdictions.
• FTDI argued “self-help” under IP law; critics cited Computer Misuse Act (UK) and CFAA (US) risks. No court case was tested, but reputational cost was severe.
• Lesson: anti-counterfeit measures must balance IP enforcement with consumer rights and product-liability exposure.
• Counterfeit detection is an arms race; new clones periodically appear that evade FTDI’s heuristics, so future driver behaviour cannot be guaranteed.
• Some very old OS versions (Win XP, Win 7 without SHA-256 KB patches) may default back to 2014-era drivers if manual updates are applied; lock driver versions on legacy systems.
• Hardware PUF (Physically-Unclonable Function) integration into commodity interface ICs.
• Secure boot & signed-firmware models for bridge chips.
• Blockchain-based traceability for component lots (under trial in high-reliability supply chains).
• Comparative noise-immunity and latency benchmarks between FT232H, CP2102N, CH343P and native-USB MCUs.
The FT232 scandal peaked in 2014–2016 when FTDI driver updates intentionally disabled cloned chips, inadvertently harming end users. Following global backlash the destructive code was withdrawn; today’s drivers simply refuse to talk to suspected counterfeits, causing no permanent damage. The event accelerated the shift toward alternative USB-UART solutions and highlighted the need for ethical, user-respecting anti-counterfeit strategies and robust supply-chain verification.