1. 13
    1. 8

      The response from FTDI seems to indicate that they’re aware of what’s going on and this isn’t some accident.

      1. 6

        Wow. Talk about a big, fat FUCK YOU to everyone bit by this. I think twitter user @macegr sums it up nicely:

        .@FTDIChip @davbbley @mikelectricstuf Your [FTDI’s] response to a supply chain issue is the digital equivalent of sugaring end users' gas tanks?

      2. 2

        …and a day later, that link is now dead and Mr. CEO is in full damage-control mode: http://www.ftdichipblog.com/?p=1053

        “Though our intentions were honorable…”


    2. 6

      I’ve contacted Microsoft to report the issue, both by phone and by email to their security folks. Response by email has been prompt and efficient. I spent half an hour being bounced around various people by phone, with everyone I spoke to unable to assist with the reporting of a security issue. Very poor form there.

      1. 5

        An update to this: the security folks have told me it’s not a security issue, but they’re forwarding it to the appropriate team.

        Perhaps I’m biased, but I’d have thought that a Windows Update that ships malware that bricks thousands of consumer devices without warning would constitute a security issue.

        But hey … at least they’re actioning it, and they responded so quickly. So, FYI: if you have a security issue to report to Microsoft, do it by email. Phone staff are utterly, completely useless for this.

      2. 2

        Another update: Microsoft had already been made aware of the issue, and were investigating. I’ve lodged a formal compliment over the way their security team responded to my report (once I found them). Prompt, helpful, efficient and reassuring.

    3. 4

      FTDIs own website says their chips are used on medical devices:


      Let’s hope that all the manufacturers are 100% certain of their supply chains, from top to bottom. And that there are no bugs in the driver that might cause inadvertent bricking.

      Way to go, FTDI.

      1. 5

        I’ve merged them.

        1. 3

          [meta] Well that’s a cool new trick, thanks @jcs!