Most of us have, at least once, had a Windows Update that made something work less well than it used to, instead of better. But it’s rare for a system software update to break part of your computer’s hardware entirely. And it’s even more rare for the update to break your computer on purpose. And yet with one particular kind of adapter chip, that’s exactly what’s happening.
As Ars Technica reports, the chips in question are in adapters that allow newer, USB-based hardware to connect with older machines that have serial ports. (Serial ports are the ones that use little pins that you have to line up on both ends, and they have gone rapidly out of use as other technology, like USB, has become widely adopted.)
Most of the chips are made by a Scottish company called FTDI. The FTDI chips are a widespread standard. But just like anything else on earth that gets to be a popular choice, knockoffs abound and can be hard to spot.
The company that makes an adapter may or may not know whether they put real or fake FTDI chips into it, but the customer on the end who buys and uses the adapter will have absolutely no way to tell. It would be like trying to inspect every hose inside of a washing machine before you buy it to be sure they came from the right factory before Whirlpool put them together. Realistically, end users can’t really do it.
The chips in these adapters need software system drivers to work in the same way that your printer needs the right system driver to work. The driver comes from FTDI but, as with most modern devices, Windows can grab and update the driver for you when you do a Windows Update.
In August, Ars Technica explains, FTDI — apparently sick and tired of all the counterfeit chips — changed their driver and the end-user license agreement for it. So the new driver deliberately scrambles knockoff chips, making them unusable.
The new EULA even says: “Use of the Software as a driver for, or installation of the Software onto, a component that is not a Genuine FTDI Component, including without limitation counterfeit components, MAY IRRETRIEVABLY DAMAGE THAT COMPONENT.”
In other words, updating the software on your adapter will completely brick your adapter if the chip inside it is fake. The chip that you have no way of tracing the provenance of. And because of the way that Windows Update can pull drivers down for you, you don’t have to go looking to update the driver on purpose. Your computer will helpfully do it for you.
End result? Run Windows Update, and suddenly discover some of your hardware is broken. And from the looks of it, very intentionally so.
As Public Knowledge points out, “The fact that disabling countless devices without warning can harm millions of innocent users and manufacturers should be a screaming sign that this is the wrong thing to do.” And not just “bad service” or “ethically questionable” wrong, either, but, if intentional, straight up illegal-wrong.
IP infringement does not give the infringed rights to destroy others’ property. Public Knowledge writes:
So whether or not FTDI has any trademark rights, copyrights, or other rights in whatever the knockoff chips are copying, the actual physical chips themselves are the property of their users, and FTDI doesn’t have the right to break them. A French vintner can’t stroll down the aisles of an American wine store with a hammer, shattering bottles of “California Champagne.” Roving gangs of Nike enforcers can’t rip fake Jordans off the feet of passing kids. And we don’t have Givenchy shock troops marching down Canal Street taking flamethrowers to fake handbags.
“If your IP rights are being infringed,” Public Knowledge concludes, “the proper course of action is to go to court, not take the law into your own hands.”
A Microsoft representative told Ars Technica that since the issue became widely reported, those two drivers have been removed from Windows Update. They added, “Our engineering team is engaging with FTDI to prevent these problems with their future driver updates via Windows Update.”
Windows Update drivers bricking USB serial chips beloved of hardware hackers [Ars Technica]
IP Rights Aren’t a License to Kill Devices (And No, Fine Print Doesn’t Make It OK) [Public Knowledge]
by Kate Cox via Consumerist
No comments:
Post a Comment