It sounds like something out of a spy thriller. A piece of security software, masquerading as a routine driver update, sniffs out enemy chips and terminates them with extreme prejudice. There is no fix; the chip, and everything it’s connected to, is bricked.
Sneaky, huh? And not really all that hard to implement. With nearly everything connected “to the cloud,” it’s easy to insert new software remotely. And we’re all accustomed to downloading and installing new drivers every few weeks, so there’s nothing suspicious that would tip anyone off.
The case this week involves FTDI, a company that makes popular and inexpensive USB-interface chips. You’ve probably got one inside some device nearby, or you’ve used FTDI chips in your own designs. We’ve covered the company before here and here.
Unfortunately, some bad guys have been cloning FTDI’s chips and selling them as cheap replacements. They’re counterfeit, in other words. That’s not unknown in this business; there have been counterfeit microprocessors, memory chips, and FPGAs for almost as long as there have been silicon chips. It’s a fairly lucrative business if you’ve got the silicon technology to make it work
To thwart the counterfeiters, FTDI released a driver update. No big deal there. Interface firms update their drivers all the time. But this particular update searched for the subtle telltale signs that the chip was counterfeit and not genuine. If it found a bogus device, it programmed a special combination of configuration bits that instantly rendered the chip useless. The change is permanent and irreversible. Rolling back to the old driver won’t fix it. The chip is nuked; broken; totally useless.
And as the owner of a product containing this chip, you’re boned. You’ll get no mercy from FTDI.
Therein lies the rub. The people who bought a USB-connected lab instrument, tablet, gadget, game, or other device have absolutely no idea whose chips are inside – why would they? – and even less to say about their provenance. Yet they’re the ones who suffer. Their legitimately purchased product is now useless, all because somebody up the supply chain took a shortcut and bought a cut-price counterfeit chip.
Does the maker of the end product suffer? Perhaps indirectly, when their customers start flooding the tech-support hotline with complaints that the thing just stopped working. Indeed, that’s probably how these companies first found out about the imitation chips lurking inside their products.
Does the hardware OEM take the hit? The board manufacturer? The distributor of the dodgy components? How about the company that illegally counterfeited the chips in the first place? They’re obviously not going to cop to making gray-market products, so their brand and their reputation are unsullied. Their chips look just like real FTDI chips (that’s the whole idea), so there’s nobody to point the finger at. If anything, the failures look like a black mark on FTDI, the apparent maker of the now-useless parts.
So what would have been the right approach here? Was FTDI justified in searching out and destroying the forged silicon, even though they’d long ago passed through the supply chain and had arrived in the hands of perfectly innocent customers? Or was this an egregious betrayal of the customers’ trust in FTDI and its driver updates? Is this warranted vigilantism, or selfish corporate treachery?
FTDI itself is apparently conflicted. After a few weeks, the company removed its malicious driver update, and the CEO apologized (sort of) in the company’s official blog. But that doesn’t help the users whose devices are irretrievably broken.
In the United States, if you buy a used car that later turns out to have been stolen, you have to return it without any compensation. It doesn’t matter that you bought it in good faith and paid good money for it. You get nothing. It doesn’t even matter if you painstakingly traced the car’s history of ownership back through time, or conducted extensive background checks on the seller. It doesn’t matter if anyone involved in the transaction knew it was stolen or not. You’re out the money (and the car), and you get nothing but a great story to tell at the bar.
Similarly, FTDI is essentially reclaiming its stolen property, and the end customer, like the used-car buyer, gets the short end of the stick. When a stolen car is found and reclaimed years later, the buyer gets no reimbursement – who would pay him anyway? – and he becomes just another victim of the thief. The original owner is made whole (more or less) by getting his car back, albeit used. In FTDI’s case, they get to “reclaim” the stolen property by disabling it. And the innocent customer is, again, worse off than anyone.
How would you have handled this? Many disgruntled users in the FTDI incident have suggested that perhaps the company’s approach was just a touch more aggressive than it needed to be. The driver update could have notified users of the counterfeit chip instead of disabling it, along with the valuable product that contains it. Maybe damaging the device beyond repair was a bit extreme, and targeted the wrong parties anyway?
It’s hard to judge how this move will affect FTDI’s reputation among engineers. On one hand, the company is truly the injured party here. Their chips were counterfeited, so at the very least, it lost revenue – probably a lot of revenue. And who knows how much time the company wasted providing technical support for chips that weren’t even theirs. And how long must it have taken them to discover that there even were counterfeit chips circulating in the market? That’s a lot of wasted time and money, all because some shady firm decided to rip off their design and sell bogus chips with their name on them. FTDI has a right to some corporate anger.
Yet it seems like the company took the law into its own hands, and outside of Western movies and pulp detective novels, that’s rarely a good thing. We deride lawless territories that don’t share our ideas of propriety, order, and respect for intellectual property (the kind of place where these chips were likely made), but FTDI’s reaction seems similarly lawless and anarchic. It’s a shot across the bow to other potential counterfeiters – “we’ll sink you whenever we find you!” – but who is guilty of retaliatory piracy here? And whose ship are we sinking and whose passengers are we sending down in the battle?
As a designer, are you more or less likely to use FTDI chips? Or, more broadly, are you more likely to check out the origins of all the chips you design-in? And if so, how? Surely your distributor will say all the chips are genuine. And they probably are. But if they’re not, how would they know? And how will you know?
And if by chance they’re not genuine, will your customers be the first ones to tell you? When your tech support forum activity spikes with widespread reports of systems dying in the field, will that be your first indication that something deep inside your product isn’t what you thought it was?