Feeds

Open-source hardware hacking effort 'smacked down' by USB overlords

Cough up $$$$s like the big boys for your ID codes

Secure remote control for conventional and virtual desktops

The USB Implementers Forum (USB-IF), the organisation that oversees the USB standard, has apparently sent the director of a small British electronics firm away with a flea in his ear for daring to suggest how it could make the lives of open-source hardware developers easier and cheaper.

Arachnid Labs’ Nick Johnson decided that if the forum insisted every gadget that supports the universal bus must sport both a vendor ID number and a product ID number - an allocation for which the forum charges - he would seek partners to buy a vendor ID to share and use as a source of free product IDs for makers of open-source electronics.

A laudable notion, you might think. Not everyone who wants to build USB-equipped kit sells sufficient quantities to warrant the $5,000 the forum wants in exchange for a vendor ID, a recent rise from the $2,000 it used to charge. Devices supply their ID numbers to the connected computer so that they can be accurately identified and the correct drivers loaded, and so on.

The construction of open-source kit, by definition, can’t be tightly controlled by the developer: the blueprints are publicly distributed under an open-source licence so that anyone can build and improve the electronics, after all.

Johnson wrote to the forum to ask how he should go about “licensing a vendor ID... explicitly for the purpose of enabling small developers producing open=source hardware to more easily produce USB devices”. He sensibly suggested the vendor ID should be assigned to “a not-for-profit foundation, whose members are allocated product IDs [PIDs] from a vendor ID [VID] owned by the foundation”. The forum is itself a not-for-profit entity.

“Membership would be free of charge, and PIDs would not be charged for either," he said. "PIDs would not be available to anyone outside the foundation, or anyone producing hardware that is not open source; if needed, additional restrictions on number of units could be imposed.”

The forum’s response, we're told, was thus: a cease-and-desist request demanding written assurances from Johnson that he “will no longer promote the purchase of a community vendor ID or product IDs for sale, transfer, or use by a third party”. It also apparently told him to “delete all references to the USB-IF, VIDs and PIDs for transfer, resale or sublicense from your website and other marketing materials”.

Prototype products

The forum’s executive director Traci Donnell points out that her organisation has vendor IDs available for hobbyists. It makes a number of VIDs available for the development of “prototype products”, and it will supply this provided the resulting kit isn’t going to be sold.

Fair enough, perhaps, for the lone hardware developer or team working on a personal project, but such a prototype ID number isn’t much use to, say, the creator of low-run hardware that isn’t going to sell in anywhere near the volumes for which the forum designed its licensing regime.

It’s doubly an issue for open-source hardware designs that can be taken, made and sold by someone other than the creator - and vendor ID buyer, if they have followed the rules.

Openmoko opens kimono

Many better-known open-source hardware engineers have indeed coughed up to the forum, among them Adafruit - it needed one to code the USB bootloader of its immensely cute Arduino-friendly microcontroller board Trinket.

Meanwhile, Openmoko, the community that arose out of the open-source phone firm of the same name, owns the latter’s vendor ID and sub-licenses product IDs to hardware projects distributed under free and open licences. It insists “the USB device you are developing is... an open hardware project (as per the OSHW Definition) with at least publicly available schematics”, but you’re free to sell it as long as that condition is made.

Even if your hardware isn’t open source, as long as your firmware is, you can get an Openmoko-sourced product ID. Openmoko lists more than 100 devices that use one of its Product IDs together with its Vendor ID.

Separately, USB chip company FTDI will provide its vendor ID and associated product IDs to “instances where production runs of a device may not be very large, or companies are working on a limited budget” because “membership [of] the USB-IF, in these cases, may cause a USB project to become economically infeasible” - it costs $4,000 a year.

But FTDI only provides this service to its customers, as do a few other firms that sub-license vendor ID and product ID pairs.

The USB Forum, of course, has to acknowledge the intellectual-property rights of the minds behind the technology that underpins the interface standard. But since USB is so ubiquitous, perhaps it’s time the organisation demonstrated it is able to think outside the mass-market box and help those whose business does not lie within it. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
iPAD-FONDLING fanboi sparks SECURITY ALERT at Sydney airport
Breaches screening rules cos Apple SCREEN ROOLZ, ok?
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
A moment of brilliance? UPnP for Internet of Stuff lightbulbs
Thus doth tech of future illuminate present, etc
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.