Yes it does. But unless you're on a ridiculously high latency connection the transmission and cpu overhead is trivial. I would rather wait the extra 60 to 80 milliseconds that https requires to gain the extra security.
What really worries me about this crap is...What happens when these supposed terrorists finally get out of prison? Their mild dislike of the government will have most likely have turned into a burning hatred--and they're gonna start looking for an outlet.
The US government is turning into the best terrorist recruitment program ever.
As an astrophysicist, he shouldn't be commenting about fields he knows little or nothing about. With 30 years experience in computers and networking, I'm barely qualified to even enter into high-level technical discussions on network security. I would not comment professionally about any astrophysical discussions, and he shouldn't comment about network security.
No. Because the device is not really "bricked". All the driver update does is change the Hardware PID that identifies what it is. The device still works, the drivers just no longer identify it as valid for that driver. Most if not all other consumer hardware does not have changeable PIDs.
They do check. They don't have the personnel and resources to test every possible hardware configuration. And how would they test the fakes?
Add in the fact that the newer drivers for the real chip were already breaking the fake ones without changing the hardware PID of the fakes. All that changing the Hardware PID of the fake chip does is let the FTDI's support staff see that the non functional chip is a fake.
Does it suck? Yes. Could FTDI have done something else to identify the fakes? Maybe. But these chips are buggy as hell even when they were semi-functional with FTDI's drivers (they were not a counterfeit with the exact design of the original, but a cheap hack pretending to be something that it is not). This will hopefully stop shoddy manufacturers from using the fake chips just to shave a couple of cents off of manufacturing costs.
It's not Microsoft's fault. They are merely offering the drivers that were provided by the device manufacturer on the Windows Update service (they do this for all manufacturers). This is a service that makes Windows much easier to configure than Linux (try finding some non standard driver in Linux). Microsoft can't possibly test every possible piece of legitimate hardware--let alone the counterfeits. So how can they be at fault?
Because this dumb guy is getting a lot of press saying he's something he's not. Some other idiot (in the government or the military or some corporation) will listen to this idiot and fuck something royally up. This isn't some fool bragging about how he's a Navy Seal on some unknown forum. He's trying to get people to give him money by claiming to be something he's not, and able to do things that he can't.
Hopefully by writing about his lies it will filter up to the "mainstream media" that keep letting him spout his nonsense without fact checking.
Would you let a person claiming to be a top medical expert keep spouting bull-crap if you knew he's never been to a doctor's office let alone med school?