Windows Update does what a developer would need a sledgehammer for

Summary: Microsoft delivers rogue drivers through Windows Update and they brick Arduino microcontrollers

SO, Microsoft says and insists on "loving" Linux, but its actions say otherwise. We previously explained how one of the antifeatures of UEFI 'secure boot', promoted by Intel and Microsoft (Wintel), is a potential bricker. Articles about this include:

• UEFI is Bricking Computers When One Removes Spyware With Back Doors (Microsoft Windows)
• NSA Confirms Remote Computer Bricking by BIOS (or UEFI) as a Real Strategy
• Windows Vista 8.1, or Windows 'Brick Edition', Shows That UEFI is Malicious, Opposite of 'Secure'
• If You Use Microsoft Windows, the NSA Can Brick Your Computer Hardware Remotely
• Why Samsung Hardware With UEFI Boot Gets Bricked by Linux
• Ignore the Spin: Microsoft's UEFI Programme Still Bricking Laptops
• Microsoft's Anticompetitive Attack on GNU/Linux Booting is Bricking Laptops

Today we have another story about ways in which Microsoft bricks Linux devices (by 'accident') and to quote a Microsoft booster, the 'updates' impacted victims and "bricked some of their hardware". Define "some". Microsoft Peter, who wrote about it early on (like 'damage control'), belittles the seriousness of this:

Hardware hackers building interactive gadgets based on the Arduino microcontrollers are finding that a recent driver update that Microsoft deployed over Windows Update has bricked some of their hardware, leaving it inaccessible to most software both on Windows and Linux. This came to us via hardware hacking site Hack A Day.

It makes one wonder why Arduino developers use a desktop platform that has back doors and a disastrous track record.

Going to the original source which has plenty of comments:

The FTDI FT232 chip is found in thousands of electronic baubles, from Arduinos to test equipment, and more than a few bits of consumer electronics. It’s a simple chip, converting USB to a serial port, but very useful and probably one of the most cloned pieces of silicon on Earth. Thanks to a recent Windows update, all those fake FTDI chips are at risk of being bricked. This isn’t a case where fake FTDI chips won’t work if plugged into a machine running the newest FTDI driver; the latest driver bricks the fake chips, rendering them inoperable with any computer.

So Microsoft is bricking Arduino devices now. Great! Mission accomplished.

Microsoft Peter is already seeing backlash to his Microsoft propaganda ('damage control') and not for the first time, either.

"The Microsoft press tries to justify this as an attack on "fake" chips," wrote Will Hill. "Bricking is malicious and intentional. People who reverse engineered the drive claim that the bricking is malicious and intentional."

"Microsoft Peter is already seeing backlash to his Microsoft propaganda ('damage control') and not for the first time, either."TechDirt said that "IP Is No Excuse: Even If Someone Is Using Fake Chips, It's Not Okay To Kill Their Devices". It said that "It's not entirely clear if this is something FTDI did on purpose or not (though, their comments below suggest they did), but it is worrisome, and it's simply not okay -- whether it was on purpose (in which case it's potentially illegal) or not (in which case it's just bad)."

Mike Masnick responded to the Microsoft booster/PR by saying that Microsoft can't just brick people's devices. He seems unaware of the background of the author and the gymnastics in logic (not knowledge) that he would stoop to in order to defend Microsoft in every possible situation, especially the most difficult and controversial situations that put Microsoft under a lot of public pressure and backlash, possibly lawsuits too (class action).

Public Knowledge weighed in, explaining that "being where they are, no one installing the update would ever see them (not even in a blink-and-you-miss-it clickthrough agreement). In other words, it’s a “warning” that’s less than useless.

"Less than useless because not only does it fail to warn, but its inclusion seems pretty clearly an attempt to avoid liability for destroying someone else’s device, without them actually seeing the warning. To extend the earlier metaphor a bit, this would be like a disclaimer posted in the back room of a Nike store that said that, by entering the store, I had agreed to have the shoes I’m wearing inspected and shredded if they turn out to be fake Nikes. In other words, a completely unenforceable term.

"We’ve spent a lot of time talking about how fine print can be used to fool consumers and deprive them of rights over what should be their own property before; this seems to be an extraordinary extreme of that. Maybe this should mark a turning point in the law’s willingness to support this kind of chicanery."

We found more or less the same party line in The Register, which wrote: "Responding to the growing furor, FTDI now says it has yanked the offending driver from Windows Update so that Windows users will no longer receive it automatically. But it says it has no intention of giving up the fight against (presumably) Chinese chip knockoff artists."

They are not knockoff artists, there was no legal case, and even if there's suspicion that something illegal was happening, it does not by any means justify bricking of hardware. Then again, Microsoft is a criminal company (reminder in the videos below), so we have come to expect such behaviour. When it can be conveniently painted as an 'accident', then it is usually defensibly. ⬆



Direct link to deposition video | Full set of the deposition videos (including Ogg Theora versions)